./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor503109811 <...> 5] +++ exited with 0 +++ [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5819] <... open resumed>) = 5 [pid 5819] ftruncate(5, 33587195 [pid 5065] close(4 [pid 5820] ioctl(4, LOOP_SET_FD, 3 [pid 5819] <... ftruncate resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5815, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5065] <... close resumed>) = 0 [pid 5820] <... ioctl resumed>) = 0 [pid 5819] sendfile(4, 5, NULL, 281474978811909 [pid 5067] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] rmdir("./60/file0" [pid 5820] close(3) = 0 [pid 5820] mkdir("./file0", 0777 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, [pid 5067] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5065] close(3 [pid 5067] fstat(3, [pid 5065] <... close resumed>) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] rmdir("./60" [pid 5067] getdents64(3, [pid 5065] <... rmdir resumed>) = 0 [pid 5820] <... mkdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] mkdir("./61", 0777 [pid 5067] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5820] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... mkdir resumed>) = 0 [pid 5821] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] lstat("./61/binderfs", [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5067] unlink("./61/binderfs") = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 193.186554][ T5820] loop2: detected capacity change from 0 to 4096 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5823 ./strace-static-x86_64: Process 5823 attached [pid 5823] chdir("./61") = 0 [pid 5823] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5823] setpgid(0, 0) = 0 [ 193.262148][ T5820] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5823] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5823] write(3, "1000", 4) = 4 [pid 5823] close(3) = 0 [pid 5823] symlink("/dev/binderfs", "./binderfs" [pid 5821] <... write resumed>) = 2097152 [pid 5823] <... symlink resumed>) = 0 [pid 5821] munmap(0x7fc0314e0000, 2097152 [pid 5823] memfd_create("syzkaller", 0) = 3 [pid 5821] <... munmap resumed>) = 0 [pid 5823] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5821] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5823] <... mmap resumed>) = 0x7fc0314e0000 [ 193.308600][ T5820] NILFS (loop2): trying rollback from an earlier position [pid 5821] <... openat resumed>) = 4 [pid 5821] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5821] close(3) = 0 [pid 5821] mkdir("./file0", 0777) = 0 [ 193.350848][ T5820] NILFS (loop2): recovery complete [ 193.368396][ T5821] loop5: detected capacity change from 0 to 4096 [pid 5821] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5823] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5820] <... mount resumed>) = 0 [pid 5820] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5820] chdir("./file0") = 0 [ 193.408589][ T5824] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5820] ioctl(4, LOOP_CLR_FD) = 0 [pid 5820] close(4) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5820] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5820] <... open resumed>) = 4 [pid 5820] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5820] ftruncate(5, 33587195 [pid 5067] lstat("./61/file0", [pid 5820] <... ftruncate resumed>) = 0 [pid 5820] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./61/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./61") = 0 [pid 5067] mkdir("./62", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [ 193.449388][ T5821] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5825 ./strace-static-x86_64: Process 5825 attached [pid 5825] chdir("./62") = 0 [pid 5825] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5823] <... write resumed>) = 2097152 [pid 5825] setpgid(0, 0) = 0 [pid 5825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5825] write(3, "1000", 4) = 4 [pid 5825] close(3) = 0 [pid 5825] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5823] munmap(0x7fc0314e0000, 2097152 [pid 5825] memfd_create("syzkaller", 0) = 3 [pid 5823] <... munmap resumed>) = 0 [pid 5825] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5823] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5825] <... mmap resumed>) = 0x7fc0314e0000 [ 193.514815][ T5821] NILFS (loop5): trying rollback from an earlier position [pid 5823] <... openat resumed>) = 4 [pid 5823] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5825] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5823] close(3) = 0 [pid 5823] mkdir("./file0", 0777) = 0 [ 193.590431][ T5823] loop1: detected capacity change from 0 to 4096 [ 193.610276][ T5821] NILFS (loop5): recovery complete [pid 5823] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5821] <... mount resumed>) = 0 [pid 5821] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5825] <... write resumed>) = 2097152 [pid 5821] <... openat resumed>) = 3 [pid 5825] munmap(0x7fc0314e0000, 2097152 [pid 5821] chdir("./file0") = 0 [pid 5821] ioctl(4, LOOP_CLR_FD) = 0 [pid 5821] close(4) = 0 [pid 5821] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5821] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5825] <... munmap resumed>) = 0 [pid 5821] <... open resumed>) = 5 [pid 5821] ftruncate(5, 33587195) = 0 [pid 5821] sendfile(4, 5, NULL, 281474978811909 [pid 5825] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 193.638839][ T5826] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 193.667552][ T5823] NILFS (loop1): invalid segment: Checksum error in segment payload [ 193.676483][ T5823] NILFS (loop1): trying rollback from an earlier position [pid 5825] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5816] <... sendfile resumed>) = 1048576 [pid 5816] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5825] close(3 [pid 5816] <... open resumed>) = -1 EFAULT (Bad address) [pid 5825] <... close resumed>) = 0 [pid 5816] exit_group(0) = ? [pid 5825] mkdir("./file0", 0777 [pid 5816] +++ exited with 0 +++ [pid 5825] <... mkdir resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5816, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5825] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 193.698363][ T5825] loop3: detected capacity change from 0 to 4096 [ 193.728234][ T5823] NILFS (loop1): recovery complete [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5823] <... mount resumed>) = 0 [pid 5068] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5823] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./61/binderfs", [pid 5823] <... openat resumed>) = 3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5823] chdir("./file0" [pid 5068] unlink("./61/binderfs" [pid 5823] <... chdir resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5823] ioctl(4, LOOP_CLR_FD [pid 5068] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5823] <... ioctl resumed>) = 0 [pid 5823] close(4) = 0 [ 193.752707][ T5827] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 193.766241][ T5825] NILFS (loop3): invalid segment: Checksum error in segment payload [ 193.775764][ T5825] NILFS (loop3): trying rollback from an earlier position [pid 5823] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5823] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5823] ftruncate(5, 33587195) = 0 [ 193.827973][ T5825] NILFS (loop3): recovery complete [pid 5825] <... mount resumed>) = 0 [pid 5823] sendfile(4, 5, NULL, 281474978811909 [pid 5825] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5825] chdir("./file0") = 0 [pid 5825] ioctl(4, LOOP_CLR_FD) = 0 [pid 5825] close(4) = 0 [pid 5825] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 193.855821][ T5828] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5825] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5825] ftruncate(5, 33587195) = 0 [pid 5825] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./61/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./61") = 0 [pid 5068] mkdir("./62", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5829 ./strace-static-x86_64: Process 5829 attached [pid 5829] chdir("./62") = 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5829] setpgid(0, 0) = 0 [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "1000", 4) = 4 [pid 5829] close(3) = 0 [pid 5829] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5829] memfd_create("syzkaller", 0) = 3 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5829] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 5829] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5829] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5829] close(3) = 0 [pid 5829] mkdir("./file0", 0777) = 0 [ 194.247712][ T5829] loop4: detected capacity change from 0 to 4096 [pid 5829] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5819] <... sendfile resumed>) = 1048576 [pid 5819] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5819] exit_group(0) = ? [pid 5819] +++ exited with 0 +++ [ 194.335021][ T5829] NILFS (loop4): invalid segment: Checksum error in segment payload [ 194.369810][ T5829] NILFS (loop4): trying rollback from an earlier position [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5819, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [ 194.385824][ T5829] NILFS (loop4): recovery complete [pid 5829] <... mount resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5064] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5829] chdir("./file0") = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] ioctl(4, LOOP_CLR_FD) = 0 [pid 5064] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] close(4 [pid 5064] <... openat resumed>) = 3 [pid 5829] <... close resumed>) = 0 [pid 5829] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5829] <... open resumed>) = 4 [pid 5064] getdents64(3, [pid 5829] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5829] <... open resumed>) = 5 [pid 5829] ftruncate(5, 33587195 [pid 5064] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5829] <... ftruncate resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] sendfile(4, 5, NULL, 281474978811909 [pid 5064] lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 194.423832][ T5830] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] unlink("./61/binderfs") = 0 [pid 5064] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5820] <... sendfile resumed>) = 1048576 [pid 5820] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5820] exit_group(0) = ? [pid 5820] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5820, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5066] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./61/binderfs") = 0 [pid 5066] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./61/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./61") = 0 [pid 5064] mkdir("./62", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5821] <... sendfile resumed>) = 1048576 [pid 5821] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5821] exit_group(0) = ? [pid 5821] +++ exited with 0 +++ [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5831 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5821, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5831 attached [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5831] chdir("./62" [pid 5069] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5831] <... chdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] lstat("./62/binderfs", [pid 5831] <... prctl resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5831] setpgid(0, 0 [pid 5069] unlink("./62/binderfs" [pid 5831] <... setpgid resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5831] <... openat resumed>) = 3 [pid 5831] write(3, "1000", 4) = 4 [pid 5831] close(3) = 0 [pid 5831] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5831] memfd_create("syzkaller", 0) = 3 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./61/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./61") = 0 [pid 5066] mkdir("./62", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5831] <... write resumed>) = 2097152 [pid 5066] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5831] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5831] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5823] <... sendfile resumed>) = 1048576 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5832 [pid 5823] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5831] close(3) = 0 [pid 5831] mkdir("./file0", 0777 [pid 5823] exit_group(0./strace-static-x86_64: Process 5832 attached [pid 5831] <... mkdir resumed>) = 0 [pid 5823] <... exit_group resumed>) = ? [pid 5069] <... umount2 resumed>) = 0 [pid 5832] chdir("./62" [pid 5825] <... sendfile resumed>) = 1048576 [pid 5823] +++ exited with 0 +++ [pid 5832] <... chdir resumed>) = 0 [pid 5831] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5825] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] <... open resumed>) = -1 EFAULT (Bad address) [pid 5832] <... prctl resumed>) = 0 [pid 5069] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5825] exit_group(0 [pid 5832] setpgid(0, 0 [pid 5825] <... exit_group resumed>) = ? [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5823, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5832] <... setpgid resumed>) = 0 [pid 5069] lstat("./62/file0", [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5825] +++ exited with 0 +++ [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5832] write(3, "1000", 4 [pid 5069] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... write resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5825, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5065] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5832] close(3 [pid 5069] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5832] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... openat resumed>) = 3 [pid 5832] symlink("/dev/binderfs", "./binderfs" [pid 5069] fstat(4, [pid 5067] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5832] <... symlink resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5065] fstat(3, [pid 5832] memfd_create("syzkaller", 0 [pid 5069] getdents64(4, [pid 5067] fstat(3, [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5832] <... memfd_create resumed>) = 3 [ 195.040968][ T5831] loop0: detected capacity change from 0 to 4096 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] getdents64(4, [pid 5067] getdents64(3, [pid 5832] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] close(4 [pid 5067] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] rmdir("./62/file0" [pid 5067] lstat("./62/binderfs", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] lstat("./61/binderfs", [pid 5069] getdents64(3, [pid 5067] unlink("./62/binderfs" [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] close(3 [pid 5067] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./62") = 0 [pid 5069] mkdir("./63", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5065] unlink("./61/binderfs" [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... unlink resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5833 [pid 5065] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 195.127753][ T5831] NILFS (loop0): invalid segment: Checksum error in segment payload [ 195.144133][ T5831] NILFS (loop0): trying rollback from an earlier position [pid 5832] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 5833 attached [pid 5833] chdir("./63") = 0 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5833] setpgid(0, 0) = 0 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5833] write(3, "1000", 4) = 4 [pid 5833] close(3) = 0 [ 195.216538][ T5831] NILFS (loop0): recovery complete [pid 5833] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5833] memfd_create("syzkaller", 0 [pid 5831] <... mount resumed>) = 0 [pid 5833] <... memfd_create resumed>) = 3 [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5833] <... mmap resumed>) = 0x7fc0314e0000 [pid 5831] <... openat resumed>) = 3 [pid 5831] chdir("./file0") = 0 [pid 5831] ioctl(4, LOOP_CLR_FD) = 0 [pid 5831] close(4) = 0 [pid 5832] <... write resumed>) = 2097152 [pid 5831] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5831] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5833] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5831] <... open resumed>) = 5 [ 195.237352][ T5834] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5831] ftruncate(5, 33587195) = 0 [pid 5831] sendfile(4, 5, NULL, 281474978811909 [pid 5832] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5067] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5832] <... openat resumed>) = 4 [pid 5832] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... ioctl resumed>) = 0 [pid 5067] lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./62/file0") = 0 [pid 5832] close(3) = 0 [pid 5832] mkdir("./file0", 0777) = 0 [pid 5832] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5833] <... write resumed>) = 2097152 [pid 5067] close(3 [ 195.347342][ T5832] loop2: detected capacity change from 0 to 4096 [pid 5833] munmap(0x7fc0314e0000, 2097152 [pid 5829] <... sendfile resumed>) = 1048576 [pid 5065] <... umount2 resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5833] <... munmap resumed>) = 0 [pid 5829] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5833] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5829] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] rmdir("./62" [pid 5833] <... openat resumed>) = 4 [pid 5829] exit_group(0 [pid 5833] ioctl(4, LOOP_SET_FD, 3 [pid 5829] <... exit_group resumed>) = ? [pid 5067] <... rmdir resumed>) = 0 [pid 5065] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] +++ exited with 0 +++ [pid 5067] mkdir("./63", 0777 [pid 5833] <... ioctl resumed>) = 0 [pid 5065] lstat("./61/file0", [pid 5833] close(3 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5829, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5067] <... mkdir resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5833] mkdir("./file0", 0777 [pid 5067] <... openat resumed>) = 3 [pid 5833] <... mkdir resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [ 195.393407][ T5832] NILFS (loop2): invalid segment: Checksum error in segment payload [ 195.410264][ T5832] NILFS (loop2): trying rollback from an earlier position [ 195.424427][ T5833] loop5: detected capacity change from 0 to 4096 [pid 5833] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5835 ./strace-static-x86_64: Process 5835 attached [pid 5835] chdir("./63") = 0 [pid 5068] <... restart_syscall resumed>) = 0 [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5835] setpgid(0, 0) = 0 [pid 5835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1000", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5068] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5835] memfd_create("syzkaller", 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 5835] <... memfd_create resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5835] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 195.441870][ T5832] NILFS (loop2): recovery complete [pid 5065] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] lstat("./62/binderfs", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] unlink("./62/binderfs" [pid 5065] <... openat resumed>) = 4 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] fstat(4, [pid 5832] <... mount resumed>) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5832] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] getdents64(4, [pid 5832] <... openat resumed>) = 3 [pid 5832] chdir("./file0" [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5832] <... chdir resumed>) = 0 [pid 5065] getdents64(4, [pid 5832] ioctl(4, LOOP_CLR_FD [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [ 195.480140][ T5833] NILFS (loop5): invalid segment: Checksum error in segment payload [ 195.490766][ T5833] NILFS (loop5): trying rollback from an earlier position [ 195.503674][ T5836] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5832] <... ioctl resumed>) = 0 [pid 5065] close(4 [pid 5832] close(4 [pid 5065] <... close resumed>) = 0 [pid 5832] <... close resumed>) = 0 [pid 5832] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] rmdir("./61/file0") = 0 [pid 5832] <... open resumed>) = 4 [pid 5065] getdents64(3, [pid 5835] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5833] <... mount resumed>) = 0 [pid 5832] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5833] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5832] <... open resumed>) = 5 [pid 5065] close(3 [pid 5833] <... openat resumed>) = 3 [pid 5832] ftruncate(5, 33587195 [pid 5833] chdir("./file0" [pid 5832] <... ftruncate resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5833] <... chdir resumed>) = 0 [pid 5832] sendfile(4, 5, NULL, 281474978811909 [pid 5065] rmdir("./61" [pid 5833] ioctl(4, LOOP_CLR_FD) = 0 [pid 5833] close(4 [pid 5065] <... rmdir resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5065] mkdir("./62", 0777 [pid 5833] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... mkdir resumed>) = 0 [ 195.527940][ T5833] NILFS (loop5): recovery complete [ 195.549864][ T5837] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5833] <... open resumed>) = 4 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5833] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... openat resumed>) = 3 [pid 5833] <... open resumed>) = 5 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5833] ftruncate(5, 33587195 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5833] <... ftruncate resumed>) = 0 [pid 5065] close(3 [pid 5833] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] <... write resumed>) = 2097152 [pid 5835] munmap(0x7fc0314e0000, 2097152 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 5838 [pid 5835] <... munmap resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5838 attached ) = 4 [pid 5838] chdir("./62" [pid 5835] ioctl(4, LOOP_SET_FD, 3 [pid 5838] <... chdir resumed>) = 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5835] <... ioctl resumed>) = 0 [pid 5838] <... prctl resumed>) = 0 [pid 5838] setpgid(0, 0) = 0 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5838] write(3, "1000", 4 [pid 5068] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] <... write resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5838] close(3 [pid 5068] lstat("./62/file0", [pid 5838] <... close resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5838] symlink("/dev/binderfs", "./binderfs" [pid 5068] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] <... symlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5838] memfd_create("syzkaller", 0 [pid 5068] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5838] <... memfd_create resumed>) = 3 [pid 5835] close(3 [pid 5068] <... openat resumed>) = 4 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5835] <... close resumed>) = 0 [pid 5068] fstat(4, [pid 5838] <... mmap resumed>) = 0x7fc0314e0000 [pid 5835] mkdir("./file0", 0777 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5835] <... mkdir resumed>) = 0 [pid 5068] getdents64(4, [pid 5835] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [ 195.716234][ T5835] loop3: detected capacity change from 0 to 4096 [pid 5838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] rmdir("./62/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./62") = 0 [pid 5068] mkdir("./63", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5839 ./strace-static-x86_64: Process 5839 attached [pid 5839] chdir("./63") = 0 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5839] setpgid(0, 0) = 0 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5839] write(3, "1000", 4) = 4 [pid 5839] close(3) = 0 [pid 5839] symlink("/dev/binderfs", "./binderfs") = 0 [ 195.798981][ T5835] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5839] memfd_create("syzkaller", 0) = 3 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5839] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5838] <... write resumed>) = 2097152 [ 195.853997][ T5835] NILFS (loop3): trying rollback from an earlier position [pid 5838] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5838] close(3) = 0 [pid 5838] mkdir("./file0", 0777) = 0 [pid 5838] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5835] <... mount resumed>) = 0 [pid 5835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5835] chdir("./file0") = 0 [pid 5835] ioctl(4, LOOP_CLR_FD) = 0 [pid 5835] close(4) = 0 [pid 5835] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5839] <... write resumed>) = 2097152 [pid 5835] <... open resumed>) = 4 [pid 5835] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5835] ftruncate(5, 33587195) = 0 [ 195.942937][ T5838] loop1: detected capacity change from 0 to 4096 [ 195.955083][ T5835] NILFS (loop3): recovery complete [ 195.974035][ T5840] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5835] sendfile(4, 5, NULL, 281474978811909 [pid 5839] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5839] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5839] close(3) = 0 [pid 5839] mkdir("./file0", 0777) = 0 [ 196.031459][ T5838] NILFS (loop1): invalid segment: Checksum error in segment payload [ 196.059054][ T5839] loop4: detected capacity change from 0 to 4096 [ 196.072095][ T5838] NILFS (loop1): trying rollback from an earlier position [ 196.114573][ T5839] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5839] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5838] <... mount resumed>) = 0 [pid 5838] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5838] chdir("./file0") = 0 [pid 5838] ioctl(4, LOOP_CLR_FD) = 0 [ 196.164765][ T5838] NILFS (loop1): recovery complete [ 196.169899][ T5839] NILFS (loop4): trying rollback from an earlier position [pid 5838] close(4) = 0 [pid 5838] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5838] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5838] ftruncate(5, 33587195) = 0 [ 196.228048][ T5841] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 196.295859][ T5839] NILFS (loop4): recovery complete [pid 5838] sendfile(4, 5, NULL, 281474978811909 [pid 5839] <... mount resumed>) = 0 [pid 5839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5839] chdir("./file0") = 0 [pid 5839] ioctl(4, LOOP_CLR_FD) = 0 [pid 5839] close(4) = 0 [pid 5839] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5839] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5831] <... sendfile resumed>) = 1048576 [pid 5839] ftruncate(5, 33587195 [ 196.337988][ T5842] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5831] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5839] <... ftruncate resumed>) = 0 [pid 5839] sendfile(4, 5, NULL, 281474978811909 [pid 5831] <... open resumed>) = -1 EFAULT (Bad address) [pid 5831] exit_group(0) = ? [pid 5831] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5831, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5064] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./62/binderfs") = 0 [pid 5064] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5832] <... sendfile resumed>) = 1048576 [pid 5832] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5832] exit_group(0) = ? [pid 5832] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./62/binderfs") = 0 [pid 5066] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5833] <... sendfile resumed>) = 1048576 [pid 5833] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5833] exit_group(0) = ? [pid 5833] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5069] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./63/binderfs") = 0 [pid 5069] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./62/file0" [pid 5066] <... umount2 resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./62") = 0 [pid 5064] mkdir("./63", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5843 [pid 5066] lstat("./62/file0", ./strace-static-x86_64: Process 5843 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5843] chdir("./63") = 0 [pid 5066] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5843] <... prctl resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5843] setpgid(0, 0) = 0 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] <... openat resumed>) = 4 [pid 5843] write(3, "1000", 4 [pid 5066] fstat(4, [pid 5843] <... write resumed>) = 4 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5843] close(3 [pid 5066] getdents64(4, [pid 5843] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5066] getdents64(4, [pid 5843] <... symlink resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5843] memfd_create("syzkaller", 0 [pid 5066] close(4 [pid 5843] <... memfd_create resumed>) = 3 [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5843] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] rmdir("./62/file0" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5069] lstat("./63/file0", [pid 5066] getdents64(3, [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] close(3 [pid 5069] <... openat resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 5069] fstat(4, [pid 5066] rmdir("./62" [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5843] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] getdents64(4, [pid 5066] <... rmdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] mkdir("./63", 0777 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5069] close(4 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5069] rmdir("./63/file0" [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5069] close(3) = 0 [pid 5066] <... close resumed>) = 0 [pid 5069] rmdir("./63" [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5844 attached [pid 5069] mkdir("./64", 0777 [pid 5844] chdir("./63" [pid 5069] <... mkdir resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5844 [pid 5844] <... chdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... openat resumed>) = 3 [pid 5844] <... prctl resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5844] setpgid(0, 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5844] <... setpgid resumed>) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] close(3 [pid 5844] <... openat resumed>) = 3 [pid 5844] write(3, "1000", 4) = 4 [pid 5844] close(3) = 0 [pid 5069] <... close resumed>) = 0 [pid 5844] symlink("/dev/binderfs", "./binderfs" [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5844] <... symlink resumed>) = 0 [pid 5844] memfd_create("syzkaller", 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5845 [pid 5844] <... memfd_create resumed>) = 3 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 5845 attached [pid 5845] chdir("./64") = 0 [pid 5843] <... write resumed>) = 2097152 [pid 5835] <... sendfile resumed>) = 1048576 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5835] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5845] <... prctl resumed>) = 0 [pid 5835] <... open resumed>) = -1 EFAULT (Bad address) [pid 5845] setpgid(0, 0 [pid 5835] exit_group(0 [pid 5845] <... setpgid resumed>) = 0 [pid 5835] <... exit_group resumed>) = ? [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] munmap(0x7fc0314e0000, 2097152 [pid 5845] <... openat resumed>) = 3 [pid 5844] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5835] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5835, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5845] write(3, "1000", 4) = 4 [pid 5067] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5845] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5845] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5845] symlink("/dev/binderfs", "./binderfs" [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5845] <... symlink resumed>) = 0 [pid 5843] <... munmap resumed>) = 0 [pid 5067] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5845] memfd_create("syzkaller", 0 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5845] <... memfd_create resumed>) = 3 [pid 5843] <... openat resumed>) = 4 [pid 5067] lstat("./63/binderfs", [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5843] ioctl(4, LOOP_SET_FD, 3 [pid 5845] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5844] <... write resumed>) = 2097152 [pid 5067] unlink("./63/binderfs" [pid 5844] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... unlink resumed>) = 0 [pid 5844] <... munmap resumed>) = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5067] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5844] <... openat resumed>) = 4 [pid 5843] <... ioctl resumed>) = 0 [pid 5843] close(3 [pid 5844] ioctl(4, LOOP_SET_FD, 3 [pid 5843] <... close resumed>) = 0 [pid 5843] mkdir("./file0", 0777 [pid 5845] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5844] <... ioctl resumed>) = 0 [pid 5843] <... mkdir resumed>) = 0 [pid 5844] close(3) = 0 [pid 5843] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5844] mkdir("./file0", 0777) = 0 [ 197.169113][ T5843] loop0: detected capacity change from 0 to 4096 [ 197.205900][ T5844] loop2: detected capacity change from 0 to 4096 [pid 5844] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5845] <... write resumed>) = 2097152 [pid 5838] <... sendfile resumed>) = 1048576 [ 197.242758][ T5843] NILFS (loop0): invalid segment: Checksum error in segment payload [ 197.276753][ T5843] NILFS (loop0): trying rollback from an earlier position [pid 5845] munmap(0x7fc0314e0000, 2097152 [pid 5838] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5838] exit_group(0) = ? [pid 5838] +++ exited with 0 +++ [pid 5845] <... munmap resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5845] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 5845] <... openat resumed>) = 4 [pid 5065] <... restart_syscall resumed>) = 0 [pid 5845] ioctl(4, LOOP_SET_FD, 3) = 0 [ 197.288107][ T5844] NILFS (loop2): invalid segment: Checksum error in segment payload [ 197.298362][ T5844] NILFS (loop2): trying rollback from an earlier position [ 197.332815][ T5845] loop5: detected capacity change from 0 to 4096 [pid 5065] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5845] close(3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5845] <... close resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5845] mkdir("./file0", 0777 [pid 5065] <... openat resumed>) = 3 [pid 5845] <... mkdir resumed>) = 0 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5845] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5844] <... mount resumed>) = 0 [pid 5065] getdents64(3, [pid 5844] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5844] <... openat resumed>) = 3 [pid 5844] chdir("./file0" [pid 5065] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5844] <... chdir resumed>) = 0 [pid 5843] <... mount resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 197.338049][ T5844] NILFS (loop2): recovery complete [ 197.348501][ T5843] NILFS (loop0): recovery complete [ 197.359522][ T5846] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5844] ioctl(4, LOOP_CLR_FD [pid 5843] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] <... ioctl resumed>) = 0 [pid 5065] lstat("./62/binderfs", [pid 5844] close(4 [pid 5843] <... openat resumed>) = 3 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5844] <... close resumed>) = 0 [pid 5843] chdir("./file0" [pid 5065] unlink("./62/binderfs" [pid 5844] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5843] <... chdir resumed>) = 0 [pid 5843] ioctl(4, LOOP_CLR_FD [pid 5065] <... unlink resumed>) = 0 [pid 5844] <... open resumed>) = 4 [pid 5843] <... ioctl resumed>) = 0 [pid 5065] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5844] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5843] close(4) = 0 [pid 5843] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5844] <... open resumed>) = 5 [pid 5844] ftruncate(5, 33587195 [pid 5843] <... open resumed>) = 4 [pid 5845] <... mount resumed>) = 0 [pid 5845] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] <... ftruncate resumed>) = 0 [ 197.385634][ T5847] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 197.395427][ T5845] NILFS (loop5): invalid segment: Checksum error in segment payload [ 197.406197][ T5845] NILFS (loop5): trying rollback from an earlier position [ 197.428469][ T5845] NILFS (loop5): recovery complete [pid 5843] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5845] <... openat resumed>) = 3 [pid 5845] chdir("./file0" [pid 5844] sendfile(4, 5, NULL, 281474978811909 [pid 5843] <... open resumed>) = 5 [pid 5839] <... sendfile resumed>) = 1048576 [pid 5845] <... chdir resumed>) = 0 [pid 5845] ioctl(4, LOOP_CLR_FD [pid 5843] ftruncate(5, 33587195 [pid 5839] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5845] <... ioctl resumed>) = 0 [pid 5843] <... ftruncate resumed>) = 0 [pid 5839] <... open resumed>) = -1 EFAULT (Bad address) [pid 5845] close(4 [pid 5843] sendfile(4, 5, NULL, 281474978811909 [pid 5839] exit_group(0 [pid 5845] <... close resumed>) = 0 [pid 5845] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5839] <... exit_group resumed>) = ? [pid 5839] +++ exited with 0 +++ [pid 5845] <... open resumed>) = 4 [pid 5067] <... umount2 resumed>) = 0 [pid 5845] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [ 197.444447][ T5848] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5845] <... open resumed>) = 5 [pid 5068] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5845] ftruncate(5, 33587195 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5845] <... ftruncate resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5845] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... openat resumed>) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./63/binderfs") = 0 [pid 5068] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./63/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./63") = 0 [pid 5067] mkdir("./64", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5849 ./strace-static-x86_64: Process 5849 attached [pid 5849] chdir("./64") = 0 [pid 5849] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5849] setpgid(0, 0) = 0 [pid 5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5849] write(3, "1000", 4) = 4 [pid 5849] close(3) = 0 [pid 5849] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5849] memfd_create("syzkaller", 0) = 3 [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5849] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5065] rmdir("./62/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./62" [pid 5068] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5068] lstat("./63/file0", [pid 5065] mkdir("./63", 0777 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 4 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5068] fstat(4, [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(3 [pid 5068] getdents64(4, [pid 5065] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 5850 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./63/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./63") = 0 ./strace-static-x86_64: Process 5850 attached [pid 5068] mkdir("./64", 0777) = 0 [pid 5850] chdir("./63" [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5850] <... chdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5850] <... prctl resumed>) = 0 [pid 5849] <... write resumed>) = 2097152 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5850] setpgid(0, 0 [pid 5849] munmap(0x7fc0314e0000, 2097152 [pid 5068] close(3 [pid 5850] <... setpgid resumed>) = 0 [pid 5849] <... munmap resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5849] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5850] <... openat resumed>) = 3 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 5851 [pid 5850] write(3, "1000", 4 [pid 5849] <... openat resumed>) = 4 [pid 5850] <... write resumed>) = 4 [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5850] close(3) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5849] <... ioctl resumed>) = 0 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5849] close(3./strace-static-x86_64: Process 5851 attached [pid 5850] <... mmap resumed>) = 0x7fc0314e0000 [pid 5849] <... close resumed>) = 0 [pid 5851] chdir("./64" [pid 5849] mkdir("./file0", 0777 [pid 5851] <... chdir resumed>) = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5849] <... mkdir resumed>) = 0 [pid 5851] <... prctl resumed>) = 0 [pid 5849] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5851] setpgid(0, 0) = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5851] write(3, "1000", 4) = 4 [pid 5851] close(3) = 0 [pid 5850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5851] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5851] memfd_create("syzkaller", 0) = 3 [ 197.905033][ T5849] loop3: detected capacity change from 0 to 4096 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5850] <... write resumed>) = 2097152 [pid 5850] munmap(0x7fc0314e0000, 2097152 [pid 5851] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5850] <... munmap resumed>) = 0 [ 197.992239][ T5849] NILFS (loop3): invalid segment: Checksum error in segment payload [ 198.025600][ T5849] NILFS (loop3): trying rollback from an earlier position [pid 5850] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5850] close(3) = 0 [pid 5850] mkdir("./file0", 0777) = 0 [ 198.050087][ T5849] NILFS (loop3): recovery complete [ 198.063249][ T5850] loop1: detected capacity change from 0 to 4096 [pid 5850] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5851] <... write resumed>) = 2097152 [pid 5849] <... mount resumed>) = 0 [pid 5851] munmap(0x7fc0314e0000, 2097152 [pid 5849] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5851] <... munmap resumed>) = 0 [pid 5849] <... openat resumed>) = 3 [pid 5851] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5849] chdir("./file0" [pid 5851] <... openat resumed>) = 4 [pid 5849] <... chdir resumed>) = 0 [pid 5851] ioctl(4, LOOP_SET_FD, 3 [pid 5849] ioctl(4, LOOP_CLR_FD) = 0 [pid 5849] close(4) = 0 [pid 5851] <... ioctl resumed>) = 0 [pid 5849] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5851] close(3) = 0 [pid 5851] mkdir("./file0", 0777) = 0 [pid 5851] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5849] <... open resumed>) = 4 [ 198.098809][ T5852] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 198.119605][ T5851] loop4: detected capacity change from 0 to 4096 [ 198.132937][ T5850] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5849] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5849] ftruncate(5, 33587195) = 0 [ 198.148134][ T5850] NILFS (loop1): trying rollback from an earlier position [ 198.164189][ T5851] NILFS (loop4): invalid segment: Checksum error in segment payload [ 198.210898][ T5851] NILFS (loop4): trying rollback from an earlier position [ 198.243882][ T5850] NILFS (loop1): recovery complete [pid 5849] sendfile(4, 5, NULL, 281474978811909 [pid 5850] <... mount resumed>) = 0 [pid 5850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5850] chdir("./file0") = 0 [pid 5850] ioctl(4, LOOP_CLR_FD) = 0 [pid 5850] close(4) = 0 [ 198.282365][ T5853] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5850] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5850] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5850] ftruncate(5, 33587195) = 0 [ 198.326225][ T5851] NILFS (loop4): recovery complete [pid 5850] sendfile(4, 5, NULL, 281474978811909 [pid 5851] <... mount resumed>) = 0 [pid 5851] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5851] chdir("./file0") = 0 [pid 5851] ioctl(4, LOOP_CLR_FD) = 0 [pid 5851] close(4) = 0 [pid 5851] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5851] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5851] ftruncate(5, 33587195) = 0 [ 198.351674][ T5854] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5851] sendfile(4, 5, NULL, 281474978811909 [pid 5844] <... sendfile resumed>) = 1048576 [pid 5844] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5844] exit_group(0) = ? [pid 5844] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5066] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5845] <... sendfile resumed>) = 1048576 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5845] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5845] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] unlink("./63/binderfs" [pid 5845] exit_group(0) = ? [pid 5843] <... sendfile resumed>) = 1048576 [pid 5066] <... unlink resumed>) = 0 [pid 5843] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5843] exit_group(0) = ? [pid 5843] +++ exited with 0 +++ [pid 5066] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5845] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5845, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5064] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... restart_syscall resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, [pid 5069] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... openat resumed>) = 3 [pid 5064] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./63/binderfs", [pid 5069] getdents64(3, [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] unlink("./63/binderfs") = 0 [pid 5069] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./64/binderfs") = 0 [pid 5069] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./63/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./63") = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5066] mkdir("./64", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5855 [pid 5069] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5855 attached [pid 5069] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./64/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./64") = 0 [pid 5855] chdir("./64" [pid 5069] mkdir("./65", 0777 [pid 5064] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5855] <... chdir resumed>) = 0 [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... mkdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5855] <... prctl resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] lstat("./63/file0", [pid 5855] setpgid(0, 0 [pid 5069] <... openat resumed>) = 3 [pid 5855] <... setpgid resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] close(3 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5855] <... openat resumed>) = 3 [pid 5064] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5855] write(3, "1000", 4 [pid 5069] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5855] <... write resumed>) = 4 [pid 5064] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5855] close(3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... openat resumed>) = 4 [pid 5855] <... close resumed>) = 0 [pid 5064] fstat(4, [pid 5855] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5855] <... symlink resumed>) = 0 [pid 5064] getdents64(4, [pid 5855] memfd_create("syzkaller", 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5855] <... memfd_create resumed>) = 3 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5856 [pid 5064] getdents64(4, ./strace-static-x86_64: Process 5856 attached [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5856] chdir("./65" [pid 5855] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] close(4 [pid 5856] <... chdir resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] rmdir("./63/file0" [pid 5856] <... prctl resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5856] setpgid(0, 0 [pid 5064] rmdir("./63" [pid 5856] <... setpgid resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] mkdir("./64", 0777 [pid 5856] <... openat resumed>) = 3 [pid 5064] <... mkdir resumed>) = 0 [pid 5856] write(3, "1000", 4 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5856] <... write resumed>) = 4 [pid 5064] <... openat resumed>) = 3 [pid 5856] close(3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5856] <... close resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5856] symlink("/dev/binderfs", "./binderfs" [pid 5064] close(3 [pid 5856] <... symlink resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5857 [pid 5856] memfd_create("syzkaller", 0) = 3 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 5857 attached [pid 5857] chdir("./64") = 0 [pid 5857] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5857] setpgid(0, 0) = 0 [pid 5857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5857] write(3, "1000", 4) = 4 [pid 5857] close(3) = 0 [pid 5857] symlink("/dev/binderfs", "./binderfs" [pid 5855] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5857] <... symlink resumed>) = 0 [pid 5857] memfd_create("syzkaller", 0) = 3 [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5856] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5857] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5855] <... write resumed>) = 2097152 [pid 5849] <... sendfile resumed>) = 1048576 [pid 5849] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5855] munmap(0x7fc0314e0000, 2097152 [pid 5849] <... open resumed>) = -1 EFAULT (Bad address) [pid 5855] <... munmap resumed>) = 0 [pid 5849] exit_group(0 [pid 5855] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5849] <... exit_group resumed>) = ? [pid 5855] <... openat resumed>) = 4 [pid 5849] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5849, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5855] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... restart_syscall resumed>) = 0 [pid 5067] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5857] <... write resumed>) = 2097152 [pid 5067] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, [pid 5857] munmap(0x7fc0314e0000, 2097152 [pid 5856] <... write resumed>) = 2097152 [pid 5855] <... ioctl resumed>) = 0 [pid 5850] <... sendfile resumed>) = 1048576 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5857] <... munmap resumed>) = 0 [pid 5856] munmap(0x7fc0314e0000, 2097152 [pid 5855] close(3 [pid 5850] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5857] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5856] <... munmap resumed>) = 0 [pid 5855] <... close resumed>) = 0 [pid 5850] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] getdents64(3, [pid 5857] <... openat resumed>) = 4 [pid 5856] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5855] mkdir("./file0", 0777 [pid 5850] exit_group(0 [pid 5857] ioctl(4, LOOP_SET_FD, 3 [pid 5856] <... openat resumed>) = 4 [pid 5855] <... mkdir resumed>) = 0 [pid 5850] <... exit_group resumed>) = ? [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5856] ioctl(4, LOOP_SET_FD, 3 [pid 5855] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5850] +++ exited with 0 +++ [pid 5856] <... ioctl resumed>) = 0 [pid 5067] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5856] close(3) = 0 [pid 5856] mkdir("./file0", 0777 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5856] <... mkdir resumed>) = 0 [pid 5067] lstat("./64/binderfs", [pid 5856] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5857] <... ioctl resumed>) = 0 [pid 5857] close(3) = 0 [pid 5857] mkdir("./file0", 0777) = 0 [pid 5857] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./64/binderfs" [pid 5065] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [ 199.292980][ T5855] loop2: detected capacity change from 0 to 4096 [ 199.316714][ T5857] loop0: detected capacity change from 0 to 4096 [ 199.326083][ T5856] loop5: detected capacity change from 0 to 4096 [pid 5067] <... unlink resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./63/binderfs") = 0 [ 199.345020][ T5855] NILFS (loop2): invalid segment: Checksum error in segment payload [ 199.358738][ T5855] NILFS (loop2): trying rollback from an earlier position [ 199.376893][ T5856] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5851] <... sendfile resumed>) = 1048576 [pid 5065] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5851] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5851] exit_group(0) = ? [pid 5851] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5851, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5068] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./64/binderfs") = 0 [ 199.387825][ T5857] NILFS (loop0): invalid segment: Checksum error in segment payload [ 199.405641][ T5856] NILFS (loop5): trying rollback from an earlier position [ 199.411390][ T5855] NILFS (loop2): recovery complete [ 199.416781][ T5857] NILFS (loop0): trying rollback from an earlier position [pid 5068] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5855] <... mount resumed>) = 0 [pid 5855] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5855] chdir("./file0") = 0 [pid 5855] ioctl(4, LOOP_CLR_FD) = 0 [pid 5855] close(4) = 0 [pid 5855] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5855] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5855] ftruncate(5, 33587195) = 0 [ 199.445140][ T5858] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 199.496124][ T5857] NILFS (loop0): recovery complete [ 199.503443][ T5856] NILFS (loop5): recovery complete [ 199.534200][ T5859] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5855] sendfile(4, 5, NULL, 281474978811909 [pid 5856] <... mount resumed>) = 0 [pid 5857] <... mount resumed>) = 0 [pid 5856] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5857] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5856] <... openat resumed>) = 3 [pid 5857] chdir("./file0" [pid 5856] chdir("./file0" [pid 5857] <... chdir resumed>) = 0 [pid 5857] ioctl(4, LOOP_CLR_FD [pid 5856] <... chdir resumed>) = 0 [pid 5857] <... ioctl resumed>) = 0 [pid 5856] ioctl(4, LOOP_CLR_FD [pid 5857] close(4) = 0 [pid 5856] <... ioctl resumed>) = 0 [pid 5857] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5856] close(4 [pid 5857] <... open resumed>) = 4 [pid 5856] <... close resumed>) = 0 [pid 5857] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5856] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5857] <... open resumed>) = 5 [pid 5857] ftruncate(5, 33587195 [pid 5856] <... open resumed>) = 4 [pid 5857] <... ftruncate resumed>) = 0 [pid 5857] sendfile(4, 5, NULL, 281474978811909 [pid 5856] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 199.534560][ T5860] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5856] ftruncate(5, 33587195) = 0 [pid 5856] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./64/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./64") = 0 [pid 5067] mkdir("./65", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5861 ./strace-static-x86_64: Process 5861 attached [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5861] chdir("./65") = 0 [pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5861] setpgid(0, 0) = 0 [pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5861] write(3, "1000", 4) = 4 [pid 5861] close(3 [pid 5065] lstat("./63/file0", [pid 5861] <... close resumed>) = 0 [pid 5861] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5861] memfd_create("syzkaller", 0) = 3 [pid 5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, [pid 5068] <... umount2 resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(4, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(4 [pid 5068] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] rmdir("./63/file0" [pid 5068] <... openat resumed>) = 4 [pid 5068] fstat(4, [pid 5065] <... rmdir resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, [pid 5068] getdents64(4, [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] close(3 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] <... close resumed>) = 0 [pid 5068] close(4 [pid 5065] rmdir("./63" [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./64/file0" [pid 5065] <... rmdir resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5065] mkdir("./64", 0777 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5068] close(3) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] rmdir("./64" [pid 5065] <... openat resumed>) = 3 [pid 5861] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] mkdir("./65", 0777 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5065] close(3 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 5065] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 5862 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 5863 ./strace-static-x86_64: Process 5863 attached ./strace-static-x86_64: Process 5862 attached [pid 5863] chdir("./65" [pid 5862] chdir("./64" [pid 5863] <... chdir resumed>) = 0 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5862] <... chdir resumed>) = 0 [pid 5863] <... prctl resumed>) = 0 [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5863] setpgid(0, 0 [pid 5862] <... prctl resumed>) = 0 [pid 5863] <... setpgid resumed>) = 0 [pid 5862] setpgid(0, 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5862] <... setpgid resumed>) = 0 [pid 5863] <... openat resumed>) = 3 [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5861] <... write resumed>) = 2097152 [pid 5863] write(3, "1000", 4 [pid 5862] <... openat resumed>) = 3 [pid 5863] <... write resumed>) = 4 [pid 5862] write(3, "1000", 4 [pid 5863] close(3) = 0 [pid 5863] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5862] <... write resumed>) = 4 [pid 5863] memfd_create("syzkaller", 0 [pid 5862] close(3 [pid 5863] <... memfd_create resumed>) = 3 [pid 5862] <... close resumed>) = 0 [pid 5863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5862] symlink("/dev/binderfs", "./binderfs" [pid 5863] <... mmap resumed>) = 0x7fc0314e0000 [pid 5862] <... symlink resumed>) = 0 [pid 5862] memfd_create("syzkaller", 0) = 3 [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5861] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5861] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5861] ioctl(4, LOOP_SET_FD, 3 [pid 5862] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5863] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5861] <... ioctl resumed>) = 0 [pid 5861] close(3) = 0 [pid 5861] mkdir("./file0", 0777) = 0 [ 199.943039][ T5861] loop3: detected capacity change from 0 to 4096 [pid 5861] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5862] <... write resumed>) = 2097152 [pid 5862] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5862] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5862] ioctl(4, LOOP_SET_FD, 3 [pid 5863] <... write resumed>) = 2097152 [pid 5863] munmap(0x7fc0314e0000, 2097152 [pid 5862] <... ioctl resumed>) = 0 [pid 5862] close(3) = 0 [pid 5862] mkdir("./file0", 0777) = 0 [pid 5862] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5863] <... munmap resumed>) = 0 [pid 5863] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 200.029592][ T5861] NILFS (loop3): invalid segment: Checksum error in segment payload [ 200.056163][ T5862] loop1: detected capacity change from 0 to 4096 [pid 5863] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5863] close(3) = 0 [pid 5863] mkdir("./file0", 0777) = 0 [ 200.093633][ T5861] NILFS (loop3): trying rollback from an earlier position [ 200.102337][ T5863] loop4: detected capacity change from 0 to 4096 [ 200.109796][ T5862] NILFS (loop1): invalid segment: Checksum error in segment payload [ 200.148788][ T5862] NILFS (loop1): trying rollback from an earlier position [ 200.165323][ T5863] NILFS (loop4): invalid segment: Checksum error in segment payload [ 200.188215][ T5861] NILFS (loop3): recovery complete [pid 5863] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5861] <... mount resumed>) = 0 [pid 5861] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5861] chdir("./file0") = 0 [pid 5861] ioctl(4, LOOP_CLR_FD) = 0 [pid 5861] close(4 [pid 5862] <... mount resumed>) = 0 [pid 5861] <... close resumed>) = 0 [pid 5862] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5862] chdir("./file0") = 0 [pid 5862] ioctl(4, LOOP_CLR_FD) = 0 [pid 5862] close(4) = 0 [pid 5862] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5862] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5862] ftruncate(5, 33587195) = 0 [ 200.217260][ T5864] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 200.223315][ T5863] NILFS (loop4): trying rollback from an earlier position [ 200.232800][ T5862] NILFS (loop1): recovery complete [ 200.256083][ T5865] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5862] sendfile(4, 5, NULL, 281474978811909 [pid 5861] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5861] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5861] ftruncate(5, 33587195) = 0 [ 200.297081][ T5863] NILFS (loop4): recovery complete [pid 5861] sendfile(4, 5, NULL, 281474978811909 [pid 5863] <... mount resumed>) = 0 [pid 5863] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5863] chdir("./file0") = 0 [pid 5863] ioctl(4, LOOP_CLR_FD) = 0 [pid 5863] close(4) = 0 [pid 5863] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5863] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 200.338001][ T5866] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5863] ftruncate(5, 33587195) = 0 [pid 5863] sendfile(4, 5, NULL, 281474978811909 [pid 5856] <... sendfile resumed>) = 1048576 [pid 5856] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5856] exit_group(0) = ? [pid 5856] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./65/binderfs") = 0 [pid 5069] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5855] <... sendfile resumed>) = 1048576 [pid 5855] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5855] exit_group(0) = ? [pid 5855] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5855, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [pid 5066] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./64/binderfs") = 0 [pid 5066] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5857] <... sendfile resumed>) = 1048576 [pid 5066] <... umount2 resumed>) = 0 [pid 5857] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] lstat("./65/file0", [pid 5857] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5857] exit_group(0 [pid 5069] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5857] <... exit_group resumed>) = ? [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5857] +++ exited with 0 +++ [pid 5069] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(4, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5857, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, [pid 5066] lstat("./64/file0", [pid 5064] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(4, [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] close(4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... openat resumed>) = 3 [pid 5069] rmdir("./65/file0" [pid 5066] <... openat resumed>) = 4 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] fstat(4, [pid 5064] fstat(3, [pid 5069] getdents64(3, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] getdents64(4, [pid 5069] close(3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(3, [pid 5069] <... close resumed>) = 0 [pid 5066] getdents64(4, [pid 5069] rmdir("./65" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] close(4 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] mkdir("./66", 0777 [pid 5066] <... close resumed>) = 0 [pid 5064] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... mkdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] rmdir("./64/file0" [pid 5064] unlink("./64/binderfs" [pid 5069] <... openat resumed>) = 3 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] getdents64(3, [pid 5064] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5069] close(3 [pid 5066] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] rmdir("./64") = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] mkdir("./65", 0777) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5867 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5868 ./strace-static-x86_64: Process 5867 attached ./strace-static-x86_64: Process 5868 attached [pid 5867] chdir("./66" [pid 5868] chdir("./65" [pid 5867] <... chdir resumed>) = 0 [pid 5868] <... chdir resumed>) = 0 [pid 5867] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... prctl resumed>) = 0 [pid 5868] <... prctl resumed>) = 0 [pid 5867] setpgid(0, 0 [pid 5868] setpgid(0, 0 [pid 5867] <... setpgid resumed>) = 0 [pid 5868] <... setpgid resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... openat resumed>) = 3 [pid 5868] <... openat resumed>) = 3 [pid 5867] write(3, "1000", 4 [pid 5868] write(3, "1000", 4 [pid 5867] <... write resumed>) = 4 [pid 5868] <... write resumed>) = 4 [pid 5867] close(3 [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] symlink("/dev/binderfs", "./binderfs" [pid 5868] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... symlink resumed>) = 0 [pid 5868] <... symlink resumed>) = 0 [pid 5867] memfd_create("syzkaller", 0 [pid 5868] memfd_create("syzkaller", 0 [pid 5867] <... memfd_create resumed>) = 3 [pid 5868] <... memfd_create resumed>) = 3 [pid 5867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... mmap resumed>) = 0x7fc0314e0000 [pid 5868] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5868] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5867] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] close(4) = 0 [pid 5064] rmdir("./64/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./64") = 0 [pid 5064] mkdir("./65", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... write resumed>) = 2097152 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5869 [pid 5868] munmap(0x7fc0314e0000, 2097152) = 0 ./strace-static-x86_64: Process 5869 attached [pid 5869] chdir("./65") = 0 [pid 5869] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... write resumed>) = 2097152 [pid 5869] <... prctl resumed>) = 0 [pid 5869] setpgid(0, 0 [pid 5868] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5869] <... setpgid resumed>) = 0 [pid 5867] munmap(0x7fc0314e0000, 2097152 [pid 5869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... openat resumed>) = 4 [pid 5867] <... munmap resumed>) = 0 [pid 5869] <... openat resumed>) = 3 [pid 5868] ioctl(4, LOOP_SET_FD, 3 [pid 5867] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5869] write(3, "1000", 4 [pid 5867] <... openat resumed>) = 4 [pid 5869] <... write resumed>) = 4 [pid 5867] ioctl(4, LOOP_SET_FD, 3 [pid 5869] close(3 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5867] close(3 [pid 5868] <... close resumed>) = 0 [pid 5868] mkdir("./file0", 0777 [pid 5867] <... close resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5867] mkdir("./file0", 0777) = 0 [pid 5867] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5869] <... close resumed>) = 0 [pid 5869] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5869] memfd_create("syzkaller", 0) = 3 [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 201.243634][ T5868] loop2: detected capacity change from 0 to 4096 [ 201.245025][ T5867] loop5: detected capacity change from 0 to 4096 [ 201.301563][ T5868] NILFS (loop2): invalid segment: Checksum error in segment payload [ 201.322397][ T5867] NILFS (loop5): invalid segment: Checksum error in segment payload [ 201.336043][ T5868] NILFS (loop2): trying rollback from an earlier position [pid 5869] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5862] <... sendfile resumed>) = 1048576 [pid 5862] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5862] exit_group(0) = ? [pid 5862] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5065] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 201.347024][ T5867] NILFS (loop5): trying rollback from an earlier position [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./64/binderfs") = 0 [ 201.409311][ T5868] NILFS (loop2): recovery complete [pid 5065] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5868] <... mount resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] chdir("./file0") = 0 [pid 5868] ioctl(4, LOOP_CLR_FD) = 0 [pid 5868] close(4) = 0 [pid 5869] <... write resumed>) = 2097152 [pid 5869] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5869] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5869] ioctl(4, LOOP_SET_FD, 3 [pid 5868] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5868] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5861] <... sendfile resumed>) = 1048576 [pid 5868] <... open resumed>) = 5 [pid 5868] ftruncate(5, 33587195) = 0 [pid 5861] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5868] sendfile(4, 5, NULL, 281474978811909 [pid 5861] <... open resumed>) = -1 EFAULT (Bad address) [pid 5861] exit_group(0) = ? [pid 5861] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5861, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [pid 5067] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5863] <... sendfile resumed>) = 1048576 [ 201.440704][ T5870] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 201.443404][ T5867] NILFS (loop5): recovery complete [ 201.475106][ T5869] loop0: detected capacity change from 0 to 4096 [pid 5863] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5867] <... mount resumed>) = 0 [pid 5863] <... open resumed>) = -1 EFAULT (Bad address) [pid 5869] <... ioctl resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5863] exit_group(0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5869] close(3 [pid 5867] <... openat resumed>) = 3 [pid 5863] <... exit_group resumed>) = ? [pid 5869] <... close resumed>) = 0 [pid 5867] chdir("./file0" [pid 5863] +++ exited with 0 +++ [pid 5067] lstat("./65/binderfs", [pid 5869] mkdir("./file0", 0777 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5863, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5867] <... chdir resumed>) = 0 [pid 5869] <... mkdir resumed>) = 0 [pid 5869] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5867] ioctl(4, LOOP_CLR_FD [pid 5067] unlink("./65/binderfs" [pid 5867] <... ioctl resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5867] close(4 [pid 5067] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5867] <... close resumed>) = 0 [pid 5068] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5867] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5867] <... open resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5867] <... open resumed>) = 5 [pid 5068] unlink("./65/binderfs" [pid 5867] ftruncate(5, 33587195 [pid 5068] <... unlink resumed>) = 0 [ 201.526445][ T5871] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5867] <... ftruncate resumed>) = 0 [pid 5867] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 201.576804][ T5869] NILFS (loop0): invalid segment: Checksum error in segment payload [ 201.585105][ T5869] NILFS (loop0): trying rollback from an earlier position [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./64/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./64") = 0 [pid 5065] mkdir("./65", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5872 [ 201.675617][ T5869] NILFS (loop0): recovery complete [pid 5869] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5872 attached [pid 5872] chdir("./65") = 0 [pid 5872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5872] setpgid(0, 0) = 0 [pid 5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5872] write(3, "1000", 4) = 4 [pid 5872] close(3) = 0 [pid 5872] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5869] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5869] chdir("./file0" [pid 5872] memfd_create("syzkaller", 0 [pid 5869] <... chdir resumed>) = 0 [pid 5872] <... memfd_create resumed>) = 3 [pid 5872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5869] ioctl(4, LOOP_CLR_FD [pid 5872] <... mmap resumed>) = 0x7fc0314e0000 [pid 5869] <... ioctl resumed>) = 0 [pid 5869] close(4 [pid 5068] <... umount2 resumed>) = 0 [pid 5869] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5869] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5869] <... open resumed>) = 4 [pid 5869] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] lstat("./65/file0", [pid 5869] <... open resumed>) = 5 [pid 5869] ftruncate(5, 33587195) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 201.721412][ T5873] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5869] sendfile(4, 5, NULL, 281474978811909 [pid 5067] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, [pid 5068] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] close(4) = 0 [pid 5872] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] lstat("./65/file0", [pid 5067] rmdir("./65/file0") = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, [pid 5068] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] close(3) = 0 [pid 5068] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] rmdir("./65" [pid 5068] <... openat resumed>) = 4 [pid 5067] <... rmdir resumed>) = 0 [pid 5068] fstat(4, [pid 5067] mkdir("./66", 0777 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5068] getdents64(4, [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] <... openat resumed>) = 3 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5068] close(4 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... close resumed>) = 0 [pid 5067] close(3 [pid 5068] rmdir("./65/file0" [pid 5067] <... close resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 5874 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./65") = 0 [pid 5068] mkdir("./66", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5874 attached ) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5874] chdir("./66" [pid 5068] close(3 [pid 5874] <... chdir resumed>) = 0 [pid 5874] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... close resumed>) = 0 [pid 5874] <... prctl resumed>) = 0 [pid 5874] setpgid(0, 0) = 0 [pid 5874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5874] write(3, "1000", 4) = 4 [pid 5874] close(3) = 0 [pid 5874] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5874] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 5875 attached [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 5875 [pid 5875] chdir("./66" [pid 5874] <... mmap resumed>) = 0x7fc0314e0000 [pid 5875] <... chdir resumed>) = 0 [pid 5872] <... write resumed>) = 2097152 [pid 5875] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5875] setpgid(0, 0) = 0 [pid 5872] munmap(0x7fc0314e0000, 2097152 [pid 5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5872] <... munmap resumed>) = 0 [pid 5872] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5875] <... openat resumed>) = 3 [pid 5875] write(3, "1000", 4) = 4 [pid 5875] close(3 [pid 5872] <... openat resumed>) = 4 [pid 5875] <... close resumed>) = 0 [pid 5875] symlink("/dev/binderfs", "./binderfs" [pid 5872] ioctl(4, LOOP_SET_FD, 3 [pid 5875] <... symlink resumed>) = 0 [pid 5872] <... ioctl resumed>) = 0 [pid 5875] memfd_create("syzkaller", 0 [pid 5874] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5875] <... memfd_create resumed>) = 3 [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5872] close(3) = 0 [pid 5872] mkdir("./file0", 0777 [pid 5875] <... mmap resumed>) = 0x7fc0314e0000 [pid 5872] <... mkdir resumed>) = 0 [ 202.008350][ T5872] loop1: detected capacity change from 0 to 4096 [pid 5872] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5875] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5874] <... write resumed>) = 2097152 [pid 5874] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5874] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5874] close(3) = 0 [pid 5874] mkdir("./file0", 0777) = 0 [ 202.078985][ T5872] NILFS (loop1): invalid segment: Checksum error in segment payload [ 202.108634][ T5872] NILFS (loop1): trying rollback from an earlier position [ 202.121658][ T5874] loop3: detected capacity change from 0 to 4096 [pid 5874] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5875] <... write resumed>) = 2097152 [pid 5872] <... mount resumed>) = 0 [pid 5872] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5872] chdir("./file0" [pid 5875] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5872] <... chdir resumed>) = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5872] ioctl(4, LOOP_CLR_FD) = 0 [pid 5872] close(4 [pid 5875] ioctl(4, LOOP_SET_FD, 3 [pid 5872] <... close resumed>) = 0 [pid 5872] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5872] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 202.172426][ T5874] NILFS (loop3): invalid segment: Checksum error in segment payload [ 202.182685][ T5872] NILFS (loop1): recovery complete [pid 5872] ftruncate(5, 33587195) = 0 [pid 5872] sendfile(4, 5, NULL, 281474978811909 [pid 5875] <... ioctl resumed>) = 0 [ 202.218872][ T5876] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 202.221845][ T5875] loop4: detected capacity change from 0 to 4096 [pid 5875] close(3) = 0 [pid 5875] mkdir("./file0", 0777) = 0 [ 202.287757][ T5874] NILFS (loop3): trying rollback from an earlier position [pid 5875] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5874] <... mount resumed>) = 0 [pid 5874] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5874] chdir("./file0") = 0 [pid 5874] ioctl(4, LOOP_CLR_FD) = 0 [pid 5874] close(4) = 0 [pid 5874] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5874] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 202.347548][ T5874] NILFS (loop3): recovery complete [ 202.353487][ T5875] NILFS (loop4): invalid segment: Checksum error in segment payload [ 202.380069][ T5877] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5874] ftruncate(5, 33587195) = 0 [ 202.405630][ T5875] NILFS (loop4): trying rollback from an earlier position [ 202.451099][ T5875] NILFS (loop4): recovery complete [pid 5874] sendfile(4, 5, NULL, 281474978811909 [pid 5875] <... mount resumed>) = 0 [pid 5875] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5875] chdir("./file0") = 0 [pid 5875] ioctl(4, LOOP_CLR_FD) = 0 [pid 5875] close(4) = 0 [pid 5875] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5875] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5875] ftruncate(5, 33587195 [pid 5867] <... sendfile resumed>) = 1048576 [pid 5875] <... ftruncate resumed>) = 0 [pid 5875] sendfile(4, 5, NULL, 281474978811909 [pid 5867] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 202.545387][ T5878] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5867] exit_group(0) = ? [pid 5867] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5867, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} --- [pid 5868] <... sendfile resumed>) = 1048576 [pid 5069] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5868] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] exit_group(0) = ? [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5868] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5868, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5069] getdents64(3, [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... restart_syscall resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] lstat("./66/binderfs", [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] unlink("./66/binderfs" [pid 5066] fstat(3, [pid 5069] <... unlink resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./65/binderfs") = 0 [pid 5066] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5869] <... sendfile resumed>) = 1048576 [pid 5869] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5869] exit_group(0) = ? [pid 5869] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5869, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5064] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./65/binderfs") = 0 [pid 5064] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... openat resumed>) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 5069] getdents64(4, [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... close resumed>) = 0 [pid 5069] getdents64(4, [pid 5066] rmdir("./65/file0" [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5069] rmdir("./66/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./66" [pid 5066] <... close resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] rmdir("./65" [pid 5069] mkdir("./67", 0777) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] mkdir("./66", 0777 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] <... mkdir resumed>) = 0 [pid 5069] close(3 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5879 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3./strace-static-x86_64: Process 5879 attached ) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5879] chdir("./67") = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5880 [pid 5879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5879] setpgid(0, 0) = 0 [pid 5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5879] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 5880 attached [pid 5879] close(3) = 0 [pid 5879] symlink("/dev/binderfs", "./binderfs" [pid 5880] chdir("./66" [pid 5879] <... symlink resumed>) = 0 [pid 5880] <... chdir resumed>) = 0 [pid 5879] memfd_create("syzkaller", 0) = 3 [pid 5879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5879] <... mmap resumed>) = 0x7fc0314e0000 [pid 5880] <... prctl resumed>) = 0 [pid 5880] setpgid(0, 0) = 0 [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5880] write(3, "1000", 4) = 4 [pid 5880] close(3) = 0 [pid 5880] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5880] memfd_create("syzkaller", 0) = 3 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5879] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 5880] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4 [pid 5880] <... write resumed>) = 2097152 [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./65/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./65") = 0 [pid 5064] mkdir("./66", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5880] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5880] <... munmap resumed>) = 0 [pid 5879] <... write resumed>) = 2097152 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 5880] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5879] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... close resumed>) = 0 [pid 5880] <... openat resumed>) = 4 [pid 5879] <... munmap resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5880] ioctl(4, LOOP_SET_FD, 3 [pid 5879] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 5881 attached ) = 4 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5881 [pid 5879] ioctl(4, LOOP_SET_FD, 3 [pid 5881] chdir("./66" [pid 5879] <... ioctl resumed>) = 0 [pid 5881] <... chdir resumed>) = 0 [pid 5881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5881] setpgid(0, 0) = 0 [pid 5880] <... ioctl resumed>) = 0 [pid 5880] close(3 [pid 5879] close(3 [pid 5881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5880] <... close resumed>) = 0 [pid 5879] <... close resumed>) = 0 [pid 5881] <... openat resumed>) = 3 [pid 5880] mkdir("./file0", 0777 [pid 5879] mkdir("./file0", 0777 [pid 5881] write(3, "1000", 4 [pid 5880] <... mkdir resumed>) = 0 [pid 5879] <... mkdir resumed>) = 0 [pid 5881] <... write resumed>) = 4 [pid 5880] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 203.223657][ T5880] loop2: detected capacity change from 0 to 4096 [ 203.238432][ T5879] loop5: detected capacity change from 0 to 4096 [pid 5879] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5881] close(3) = 0 [pid 5881] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5881] memfd_create("syzkaller", 0) = 3 [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 203.281795][ T5880] NILFS (loop2): invalid segment: Checksum error in segment payload [ 203.308665][ T5879] NILFS (loop5): invalid segment: Checksum error in segment payload [ 203.318433][ T5880] NILFS (loop2): trying rollback from an earlier position [ 203.328496][ T5879] NILFS (loop5): trying rollback from an earlier position [pid 5881] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5872] <... sendfile resumed>) = 1048576 [pid 5872] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5872] exit_group(0) = ? [pid 5872] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5872, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 203.398454][ T5879] NILFS (loop5): recovery complete [ 203.405009][ T5880] NILFS (loop2): recovery complete [pid 5881] <... write resumed>) = 2097152 [pid 5880] <... mount resumed>) = 0 [pid 5879] <... mount resumed>) = 0 [pid 5065] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5880] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5879] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5880] <... openat resumed>) = 3 [pid 5879] <... openat resumed>) = 3 [pid 5065] lstat("./65/binderfs", [pid 5880] chdir("./file0" [pid 5879] chdir("./file0" [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5881] munmap(0x7fc0314e0000, 2097152 [pid 5880] <... chdir resumed>) = 0 [pid 5879] <... chdir resumed>) = 0 [pid 5065] unlink("./65/binderfs" [pid 5881] <... munmap resumed>) = 0 [pid 5880] ioctl(4, LOOP_CLR_FD [pid 5879] ioctl(4, LOOP_CLR_FD [pid 5065] <... unlink resumed>) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5880] <... ioctl resumed>) = 0 [pid 5879] <... ioctl resumed>) = 0 [pid 5065] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5881] <... openat resumed>) = 4 [pid 5880] close(4 [pid 5879] close(4 [pid 5880] <... close resumed>) = 0 [pid 5879] <... close resumed>) = 0 [pid 5880] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5879] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5880] <... open resumed>) = 4 [pid 5879] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5880] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5879] <... open resumed>) = 5 [pid 5881] ioctl(4, LOOP_SET_FD, 3 [pid 5880] <... open resumed>) = 5 [ 203.441942][ T5883] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 203.453253][ T5882] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5879] ftruncate(5, 33587195 [pid 5880] ftruncate(5, 33587195 [pid 5881] <... ioctl resumed>) = 0 [pid 5879] <... ftruncate resumed>) = 0 [pid 5881] close(3 [pid 5879] sendfile(4, 5, NULL, 281474978811909 [pid 5881] <... close resumed>) = 0 [pid 5881] mkdir("./file0", 0777) = 0 [pid 5881] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5880] <... ftruncate resumed>) = 0 [ 203.507209][ T5881] loop0: detected capacity change from 0 to 4096 [pid 5880] sendfile(4, 5, NULL, 281474978811909 [pid 5875] <... sendfile resumed>) = 1048576 [pid 5874] <... sendfile resumed>) = 1048576 [pid 5875] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5874] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5875] <... open resumed>) = -1 EFAULT (Bad address) [pid 5874] <... open resumed>) = -1 EFAULT (Bad address) [pid 5875] exit_group(0 [pid 5874] exit_group(0 [pid 5875] <... exit_group resumed>) = ? [pid 5874] <... exit_group resumed>) = ? [pid 5875] +++ exited with 0 +++ [pid 5874] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5875, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=34 /* 0.34 s */} --- [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5874, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5068] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 3 [pid 5067] <... openat resumed>) = 3 [pid 5068] fstat(3, [pid 5067] fstat(3, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 5067] getdents64(3, [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [ 203.578668][ T5881] NILFS (loop0): invalid segment: Checksum error in segment payload [ 203.602582][ T5881] NILFS (loop0): trying rollback from an earlier position [pid 5068] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./66/binderfs", [pid 5067] lstat("./66/binderfs", [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./66/binderfs" [pid 5067] unlink("./66/binderfs" [pid 5068] <... unlink resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5068] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [ 203.683342][ T5881] NILFS (loop0): recovery complete [pid 5065] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5881] <... mount resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5881] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] lstat("./65/file0", [pid 5881] <... openat resumed>) = 3 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5881] chdir("./file0" [pid 5065] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5881] <... chdir resumed>) = 0 [pid 5881] ioctl(4, LOOP_CLR_FD [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5881] <... ioctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5881] close(4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5881] <... close resumed>) = 0 [ 203.726207][ T5884] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] getdents64(4, [pid 5881] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... umount2 resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4 [pid 5881] <... open resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./65/file0" [pid 5881] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5065] <... rmdir resumed>) = 0 [pid 5881] ftruncate(5, 33587195 [pid 5065] getdents64(3, [pid 5881] <... ftruncate resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5881] sendfile(4, 5, NULL, 281474978811909 [pid 5065] close(3 [pid 5068] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./65") = 0 [pid 5065] mkdir("./66", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5068] lstat("./66/file0", [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5068] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 5885 ./strace-static-x86_64: Process 5885 attached [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5885] chdir("./66" [pid 5068] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5885] <... chdir resumed>) = 0 [pid 5068] fstat(4, [pid 5067] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] getdents64(4, [pid 5885] <... prctl resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5885] setpgid(0, 0 [pid 5068] getdents64(4, [pid 5885] <... setpgid resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] close(4 [pid 5885] <... openat resumed>) = 3 [pid 5885] write(3, "1000", 4 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./66/file0" [pid 5885] <... write resumed>) = 4 [pid 5067] <... openat resumed>) = 4 [pid 5068] <... rmdir resumed>) = 0 [pid 5885] close(3) = 0 [pid 5068] getdents64(3, [pid 5885] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5885] <... symlink resumed>) = 0 [pid 5068] close(3 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, [pid 5885] memfd_create("syzkaller", 0 [pid 5068] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] rmdir("./66" [pid 5067] close(4 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5885] <... memfd_create resumed>) = 3 [pid 5068] mkdir("./67", 0777 [pid 5067] rmdir("./66/file0" [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5885] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5068] <... openat resumed>) = 3 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./66" [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5067] <... rmdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] mkdir("./67", 0777 [pid 5068] close(3 [pid 5067] <... mkdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5885] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 5886 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 5887 ./strace-static-x86_64: Process 5887 attached ./strace-static-x86_64: Process 5886 attached [pid 5886] chdir("./67") = 0 [pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5886] setpgid(0, 0) = 0 [pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5887] chdir("./67" [pid 5886] write(3, "1000", 4 [pid 5887] <... chdir resumed>) = 0 [pid 5886] <... write resumed>) = 4 [pid 5886] close(3 [pid 5887] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5886] <... close resumed>) = 0 [pid 5886] symlink("/dev/binderfs", "./binderfs" [pid 5887] <... prctl resumed>) = 0 [pid 5886] <... symlink resumed>) = 0 [pid 5886] memfd_create("syzkaller", 0 [pid 5887] setpgid(0, 0 [pid 5886] <... memfd_create resumed>) = 3 [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5887] <... setpgid resumed>) = 0 [pid 5886] <... mmap resumed>) = 0x7fc0314e0000 [pid 5887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5887] write(3, "1000", 4) = 4 [pid 5887] close(3) = 0 [pid 5887] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5887] memfd_create("syzkaller", 0) = 3 [pid 5885] <... write resumed>) = 2097152 [pid 5887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5886] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5885] munmap(0x7fc0314e0000, 2097152 [pid 5887] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5885] <... munmap resumed>) = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5885] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5885] close(3) = 0 [pid 5885] mkdir("./file0", 0777) = 0 [pid 5885] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5887] <... write resumed>) = 2097152 [ 204.108789][ T5885] loop1: detected capacity change from 0 to 4096 [pid 5887] munmap(0x7fc0314e0000, 2097152 [pid 5886] <... write resumed>) = 2097152 [pid 5887] <... munmap resumed>) = 0 [pid 5887] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5887] ioctl(4, LOOP_SET_FD, 3 [pid 5886] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5886] ioctl(4, LOOP_SET_FD, 3 [pid 5887] <... ioctl resumed>) = 0 [ 204.175400][ T5885] NILFS (loop1): invalid segment: Checksum error in segment payload [ 204.199756][ T5886] loop3: detected capacity change from 0 to 4096 [ 204.206893][ T5887] loop4: detected capacity change from 0 to 4096 [pid 5887] close(3) = 0 [pid 5886] <... ioctl resumed>) = 0 [pid 5887] mkdir("./file0", 0777 [pid 5886] close(3 [pid 5887] <... mkdir resumed>) = 0 [pid 5886] <... close resumed>) = 0 [pid 5887] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5886] mkdir("./file0", 0777) = 0 [ 204.220079][ T5885] NILFS (loop1): trying rollback from an earlier position [ 204.261193][ T5887] NILFS (loop4): invalid segment: Checksum error in segment payload [ 204.284428][ T5886] NILFS (loop3): invalid segment: Checksum error in segment payload [ 204.306873][ T5887] NILFS (loop4): trying rollback from an earlier position [ 204.317928][ T5885] NILFS (loop1): recovery complete [ 204.328255][ T5886] NILFS (loop3): trying rollback from an earlier position [pid 5886] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5885] <... mount resumed>) = 0 [pid 5885] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5885] chdir("./file0") = 0 [pid 5885] ioctl(4, LOOP_CLR_FD) = 0 [pid 5885] close(4) = 0 [pid 5885] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5885] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5885] ftruncate(5, 33587195) = 0 [ 204.353579][ T5888] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 204.377070][ T5887] NILFS (loop4): recovery complete [ 204.386254][ T5886] NILFS (loop3): recovery complete [pid 5885] sendfile(4, 5, NULL, 281474978811909 [pid 5887] <... mount resumed>) = 0 [pid 5886] <... mount resumed>) = 0 [pid 5887] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5887] chdir("./file0") = 0 [pid 5887] ioctl(4, LOOP_CLR_FD) = 0 [pid 5887] close(4) = 0 [pid 5886] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5887] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 204.402677][ T5889] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 204.416315][ T5890] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5886] <... openat resumed>) = 3 [pid 5887] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5886] chdir("./file0" [pid 5887] <... open resumed>) = 5 [pid 5886] <... chdir resumed>) = 0 [pid 5887] ftruncate(5, 33587195 [pid 5886] ioctl(4, LOOP_CLR_FD [pid 5887] <... ftruncate resumed>) = 0 [pid 5886] <... ioctl resumed>) = 0 [pid 5887] sendfile(4, 5, NULL, 281474978811909 [pid 5886] close(4) = 0 [pid 5886] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5886] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5886] ftruncate(5, 33587195) = 0 [pid 5886] sendfile(4, 5, NULL, 281474978811909 [pid 5879] <... sendfile resumed>) = 1048576 [pid 5879] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5879] exit_group(0) = ? [pid 5879] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5879, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5069] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5880] <... sendfile resumed>) = 1048576 [pid 5069] getdents64(3, [pid 5880] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5880] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./67/binderfs", [pid 5880] exit_group(0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5880] <... exit_group resumed>) = ? [pid 5069] unlink("./67/binderfs") = 0 [pid 5880] +++ exited with 0 +++ [pid 5069] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./66/binderfs") = 0 [pid 5066] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5881] <... sendfile resumed>) = 1048576 [pid 5881] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5881] exit_group(0) = ? [pid 5881] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5881, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./66/binderfs") = 0 [pid 5064] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./67/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./67") = 0 [pid 5069] mkdir("./68", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5891 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./66/file0", ./strace-static-x86_64: Process 5891 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5891] chdir("./68" [pid 5066] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5891] <... chdir resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5891] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5891] <... prctl resumed>) = 0 [pid 5066] <... openat resumed>) = 4 [pid 5891] setpgid(0, 0 [pid 5066] fstat(4, [pid 5891] <... setpgid resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] getdents64(4, [pid 5891] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5891] write(3, "1000", 4 [pid 5066] getdents64(4, [pid 5891] <... write resumed>) = 4 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5891] close(3 [pid 5066] close(4 [pid 5891] <... close resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5891] symlink("/dev/binderfs", "./binderfs" [pid 5066] rmdir("./66/file0" [pid 5891] <... symlink resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5891] memfd_create("syzkaller", 0 [pid 5066] getdents64(3, [pid 5891] <... memfd_create resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] close(3 [pid 5891] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./66") = 0 [pid 5066] mkdir("./67", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5892 [pid 5891] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 5892 attached [pid 5892] chdir("./67") = 0 [pid 5892] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5892] setpgid(0, 0) = 0 [pid 5892] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] <... umount2 resumed>) = 0 [pid 5892] <... openat resumed>) = 3 [pid 5064] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5892] write(3, "1000", 4) = 4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5892] close(3 [pid 5064] lstat("./66/file0", [pid 5892] <... close resumed>) = 0 [pid 5892] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5892] <... symlink resumed>) = 0 [pid 5064] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5892] memfd_create("syzkaller", 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5892] <... memfd_create resumed>) = 3 [pid 5892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5892] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] <... openat resumed>) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./66/file0" [pid 5891] <... write resumed>) = 2097152 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 5891] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... close resumed>) = 0 [pid 5891] <... munmap resumed>) = 0 [pid 5064] rmdir("./66" [pid 5892] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5891] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5064] <... rmdir resumed>) = 0 [pid 5891] ioctl(4, LOOP_SET_FD, 3 [pid 5064] mkdir("./67", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5891] <... ioctl resumed>) = 0 [pid 5891] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5891] mkdir("./file0", 0777) = 0 [pid 5891] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5893 ./strace-static-x86_64: Process 5893 attached [pid 5893] chdir("./67") = 0 [pid 5893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5893] setpgid(0, 0) = 0 [pid 5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 205.340413][ T5891] loop5: detected capacity change from 0 to 4096 [pid 5893] write(3, "1000", 4) = 4 [pid 5893] close(3) = 0 [pid 5893] symlink("/dev/binderfs", "./binderfs" [pid 5892] <... write resumed>) = 2097152 [pid 5893] <... symlink resumed>) = 0 [pid 5892] munmap(0x7fc0314e0000, 2097152 [pid 5893] memfd_create("syzkaller", 0) = 3 [pid 5892] <... munmap resumed>) = 0 [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5892] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5893] <... mmap resumed>) = 0x7fc0314e0000 [pid 5892] <... openat resumed>) = 4 [ 205.439724][ T5891] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5892] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5892] close(3) = 0 [pid 5892] mkdir("./file0", 0777) = 0 [pid 5892] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 205.486806][ T5892] loop2: detected capacity change from 0 to 4096 [ 205.488186][ T5891] NILFS (loop5): trying rollback from an earlier position [pid 5893] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5885] <... sendfile resumed>) = 1048576 [pid 5885] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5885] exit_group(0 [pid 5893] <... write resumed>) = 2097152 [ 205.551131][ T5892] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5893] munmap(0x7fc0314e0000, 2097152 [pid 5885] <... exit_group resumed>) = ? [pid 5893] <... munmap resumed>) = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5885] +++ exited with 0 +++ [pid 5893] <... openat resumed>) = 4 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5893] ioctl(4, LOOP_SET_FD, 3 [pid 5887] <... sendfile resumed>) = 1048576 [pid 5065] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [ 205.608633][ T5892] NILFS (loop2): trying rollback from an earlier position [ 205.617815][ T5891] NILFS (loop5): recovery complete [ 205.638349][ T5893] loop0: detected capacity change from 0 to 4096 [pid 5887] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5887] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./66/binderfs") = 0 [pid 5065] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5893] <... ioctl resumed>) = 0 [pid 5893] close(3) = 0 [pid 5893] mkdir("./file0", 0777) = 0 [pid 5887] exit_group(0 [pid 5893] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5891] <... mount resumed>) = 0 [pid 5887] <... exit_group resumed>) = ? [pid 5891] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5887] +++ exited with 0 +++ [pid 5891] chdir("./file0") = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5887, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5891] ioctl(4, LOOP_CLR_FD [pid 5068] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5891] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 205.658016][ T5894] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 205.678500][ T5892] NILFS (loop2): recovery complete [pid 5891] close(4 [pid 5068] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5892] <... mount resumed>) = 0 [pid 5891] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5892] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5891] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] fstat(3, [pid 5892] <... openat resumed>) = 3 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5892] chdir("./file0" [pid 5068] getdents64(3, [pid 5892] <... chdir resumed>) = 0 [pid 5891] <... open resumed>) = 4 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5892] ioctl(4, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5892] <... ioctl resumed>) = 0 [pid 5891] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] lstat("./67/binderfs", [pid 5892] close(4 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5891] <... open resumed>) = 5 [pid 5892] <... close resumed>) = 0 [pid 5068] unlink("./67/binderfs" [pid 5892] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5891] ftruncate(5, 33587195 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5891] <... ftruncate resumed>) = 0 [pid 5892] <... open resumed>) = 4 [pid 5892] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5891] sendfile(4, 5, NULL, 281474978811909 [pid 5892] <... open resumed>) = 5 [ 205.706103][ T5895] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 205.737035][ T5893] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 5892] ftruncate(5, 33587195) = 0 [pid 5892] sendfile(4, 5, NULL, 281474978811909 [pid 5886] <... sendfile resumed>) = 1048576 [ 205.752236][ T5893] NILFS (loop0): trying rollback from an earlier position [pid 5886] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5886] exit_group(0) = ? [pid 5886] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5067] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./67/binderfs") = 0 [ 205.851153][ T5893] NILFS (loop0): recovery complete [pid 5067] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5893] <... mount resumed>) = 0 [pid 5893] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5893] chdir("./file0") = 0 [pid 5893] ioctl(4, LOOP_CLR_FD) = 0 [pid 5893] close(4) = 0 [pid 5893] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5893] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5893] ftruncate(5, 33587195) = 0 [pid 5893] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./66/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [ 205.911230][ T5896] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] close(3) = 0 [pid 5065] rmdir("./66") = 0 [pid 5065] mkdir("./67", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5897 ./strace-static-x86_64: Process 5897 attached [pid 5897] chdir("./67") = 0 [pid 5897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5897] setpgid(0, 0) = 0 [pid 5897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5897] write(3, "1000", 4) = 4 [pid 5897] close(3) = 0 [pid 5897] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5897] memfd_create("syzkaller", 0) = 3 [pid 5897] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5068] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5897] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./67/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./67") = 0 [pid 5068] mkdir("./68", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5898 ./strace-static-x86_64: Process 5898 attached [pid 5898] chdir("./68") = 0 [pid 5898] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5898] setpgid(0, 0) = 0 [pid 5898] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5898] write(3, "1000", 4) = 4 [pid 5898] close(3) = 0 [pid 5898] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5898] memfd_create("syzkaller", 0) = 3 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5067] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./67/file0", [pid 5898] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5897] <... write resumed>) = 2097152 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5897] munmap(0x7fc0314e0000, 2097152 [pid 5067] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5897] <... munmap resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5067] fstat(4, [pid 5897] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, [pid 5897] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5897] <... ioctl resumed>) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./67/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./67") = 0 [pid 5067] mkdir("./68", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5897] close(3) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5897] mkdir("./file0", 0777 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5897] <... mkdir resumed>) = 0 [ 206.298589][ T5897] loop1: detected capacity change from 0 to 4096 [pid 5897] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5898] <... write resumed>) = 2097152 [pid 5898] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 5899 [pid 5898] <... munmap resumed>) = 0 [pid 5898] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5899 attached ) = 4 [pid 5899] chdir("./68" [pid 5898] ioctl(4, LOOP_SET_FD, 3 [pid 5899] <... chdir resumed>) = 0 [pid 5899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5899] setpgid(0, 0) = 0 [pid 5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5899] write(3, "1000", 4) = 4 [pid 5899] close(3) = 0 [pid 5899] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5899] memfd_create("syzkaller", 0 [pid 5898] <... ioctl resumed>) = 0 [pid 5899] <... memfd_create resumed>) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 206.387640][ T5897] NILFS (loop1): invalid segment: Checksum error in segment payload [ 206.427392][ T5898] loop4: detected capacity change from 0 to 4096 [pid 5898] close(3) = 0 [pid 5898] mkdir("./file0", 0777) = 0 [pid 5898] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 206.447596][ T5897] NILFS (loop1): trying rollback from an earlier position [ 206.495227][ T5898] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5899] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [ 206.540799][ T5898] NILFS (loop4): trying rollback from an earlier position [ 206.555582][ T5897] NILFS (loop1): recovery complete [pid 5897] <... mount resumed>) = 0 [pid 5897] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5897] chdir("./file0") = 0 [pid 5897] ioctl(4, LOOP_CLR_FD) = 0 [pid 5897] close(4) = 0 [pid 5897] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5897] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5897] ftruncate(5, 33587195) = 0 [pid 5897] sendfile(4, 5, NULL, 281474978811909 [pid 5899] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5899] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 206.595610][ T5900] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5899] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5899] close(3) = 0 [ 206.639888][ T5898] NILFS (loop4): recovery complete [ 206.646483][ T5899] loop3: detected capacity change from 0 to 4096 [pid 5899] mkdir("./file0", 0777) = 0 [pid 5898] <... mount resumed>) = 0 [pid 5899] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5898] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5898] chdir("./file0") = 0 [pid 5898] ioctl(4, LOOP_CLR_FD) = 0 [pid 5898] close(4) = 0 [pid 5898] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5898] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5898] ftruncate(5, 33587195) = 0 [ 206.702239][ T5901] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 206.724655][ T5899] NILFS (loop3): invalid segment: Checksum error in segment payload [ 206.781130][ T5899] NILFS (loop3): trying rollback from an earlier position [ 206.915728][ T5899] NILFS (loop3): recovery complete [pid 5898] sendfile(4, 5, NULL, 281474978811909 [pid 5899] <... mount resumed>) = 0 [pid 5899] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5899] chdir("./file0") = 0 [pid 5899] ioctl(4, LOOP_CLR_FD) = 0 [pid 5899] close(4) = 0 [pid 5892] <... sendfile resumed>) = 1048576 [pid 5891] <... sendfile resumed>) = 1048576 [ 206.963792][ T5902] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5899] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5892] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5891] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5899] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5892] <... open resumed>) = -1 EFAULT (Bad address) [pid 5891] <... open resumed>) = -1 EFAULT (Bad address) [pid 5899] ftruncate(5, 33587195 [pid 5892] exit_group(0 [pid 5891] exit_group(0 [pid 5899] <... ftruncate resumed>) = 0 [pid 5899] sendfile(4, 5, NULL, 281474978811909 [pid 5892] <... exit_group resumed>) = ? [pid 5891] <... exit_group resumed>) = ? [pid 5892] +++ exited with 0 +++ [pid 5891] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5892, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5891, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5069] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... restart_syscall resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, [pid 5066] <... openat resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] fstat(3, [pid 5069] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(3, [pid 5069] lstat("./68/binderfs", [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] unlink("./68/binderfs" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... unlink resumed>) = 0 [pid 5066] lstat("./67/binderfs", [pid 5069] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./67/binderfs") = 0 [pid 5066] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5893] <... sendfile resumed>) = 1048576 [pid 5893] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5893] exit_group(0) = ? [pid 5893] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5893, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} --- [pid 5064] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./67/binderfs") = 0 [pid 5064] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] fstat(4, [pid 5066] lstat("./67/file0", [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(4, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] close(4 [pid 5066] <... openat resumed>) = 4 [pid 5069] <... close resumed>) = 0 [pid 5066] fstat(4, [pid 5069] rmdir("./68/file0" [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] getdents64(4, [pid 5069] getdents64(3, [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] getdents64(4, [pid 5069] close(3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./68" [pid 5066] close(4 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5069] mkdir("./69", 0777 [pid 5066] rmdir("./67/file0" [pid 5069] <... mkdir resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5066] rmdir("./67" [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] <... rmdir resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] mkdir("./68", 0777 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] close(3 [pid 5064] lstat("./67/file0", [pid 5066] <... mkdir resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... close resumed>) = 0 [pid 5064] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5903 [pid 5066] <... openat resumed>) = 3 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] close(4 [pid 5066] close(3 [pid 5064] <... close resumed>) = 0 ./strace-static-x86_64: Process 5903 attached [pid 5066] <... close resumed>) = 0 [pid 5064] rmdir("./67/file0" [pid 5903] chdir("./69" [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... rmdir resumed>) = 0 [pid 5903] <... chdir resumed>) = 0 [pid 5064] getdents64(3, [pid 5903] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5903] <... prctl resumed>) = 0 [pid 5064] close(3 [pid 5903] setpgid(0, 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5904 [pid 5064] <... close resumed>) = 0 [pid 5903] <... setpgid resumed>) = 0 [pid 5064] rmdir("./67"./strace-static-x86_64: Process 5904 attached [pid 5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] <... rmdir resumed>) = 0 [pid 5904] chdir("./68" [pid 5903] <... openat resumed>) = 3 [pid 5064] mkdir("./68", 0777 [pid 5904] <... chdir resumed>) = 0 [pid 5903] write(3, "1000", 4 [pid 5064] <... mkdir resumed>) = 0 [pid 5904] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5903] <... write resumed>) = 4 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5904] <... prctl resumed>) = 0 [pid 5903] close(3 [pid 5064] <... openat resumed>) = 3 [pid 5904] setpgid(0, 0 [pid 5903] <... close resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5904] <... setpgid resumed>) = 0 [pid 5903] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5904] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5903] <... symlink resumed>) = 0 [pid 5064] close(3 [pid 5904] <... openat resumed>) = 3 [pid 5903] memfd_create("syzkaller", 0 [pid 5064] <... close resumed>) = 0 [pid 5904] write(3, "1000", 4 [pid 5903] <... memfd_create resumed>) = 3 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5904] <... write resumed>) = 4 [pid 5903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5904] close(3 [pid 5903] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5905 [pid 5904] <... close resumed>) = 0 [pid 5904] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5904] memfd_create("syzkaller", 0) = 3 [pid 5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 5905 attached [pid 5905] chdir("./68") = 0 [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5905] setpgid(0, 0) = 0 [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5905] write(3, "1000", 4) = 4 [pid 5905] close(3) = 0 [pid 5905] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5905] memfd_create("syzkaller", 0) = 3 [pid 5903] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5905] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5904] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5903] <... write resumed>) = 2097152 [pid 5903] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5903] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5903] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5903] close(3) = 0 [pid 5903] mkdir("./file0", 0777) = 0 [pid 5903] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5905] <... write resumed>) = 2097152 [ 207.665759][ T5903] loop5: detected capacity change from 0 to 4096 [pid 5904] <... write resumed>) = 2097152 [pid 5904] munmap(0x7fc0314e0000, 2097152 [pid 5905] munmap(0x7fc0314e0000, 2097152 [pid 5904] <... munmap resumed>) = 0 [pid 5904] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5905] <... munmap resumed>) = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5905] ioctl(4, LOOP_SET_FD, 3 [pid 5904] <... openat resumed>) = 4 [pid 5905] <... ioctl resumed>) = 0 [pid 5904] ioctl(4, LOOP_SET_FD, 3 [pid 5905] close(3) = 0 [pid 5905] mkdir("./file0", 0777) = 0 [pid 5904] <... ioctl resumed>) = 0 [pid 5905] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5904] close(3) = 0 [pid 5904] mkdir("./file0", 0777) = 0 [ 207.746551][ T5903] NILFS (loop5): invalid segment: Checksum error in segment payload [ 207.756978][ T5905] loop0: detected capacity change from 0 to 4096 [ 207.764338][ T5904] loop2: detected capacity change from 0 to 4096 [ 207.778622][ T5903] NILFS (loop5): trying rollback from an earlier position [pid 5904] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5903] <... mount resumed>) = 0 [pid 5898] <... sendfile resumed>) = 1048576 [pid 5898] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5903] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5898] exit_group(0 [pid 5903] <... openat resumed>) = 3 [pid 5898] <... exit_group resumed>) = ? [pid 5903] chdir("./file0" [pid 5898] +++ exited with 0 +++ [pid 5903] <... chdir resumed>) = 0 [pid 5903] ioctl(4, LOOP_CLR_FD [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5898, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5903] <... ioctl resumed>) = 0 [pid 5068] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5903] close(4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5903] <... close resumed>) = 0 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5903] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5897] <... sendfile resumed>) = 1048576 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5897] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] lstat("./68/binderfs", [pid 5903] <... open resumed>) = 4 [pid 5897] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5903] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5897] exit_group(0 [pid 5068] unlink("./68/binderfs" [pid 5903] <... open resumed>) = 5 [pid 5897] <... exit_group resumed>) = ? [pid 5068] <... unlink resumed>) = 0 [pid 5903] ftruncate(5, 33587195 [pid 5897] +++ exited with 0 +++ [pid 5068] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5903] <... ftruncate resumed>) = 0 [pid 5903] sendfile(4, 5, NULL, 281474978811909 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5897, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} --- [pid 5065] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 207.809179][ T5903] NILFS (loop5): recovery complete [ 207.824645][ T5906] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 207.831065][ T5904] NILFS (loop2): invalid segment: Checksum error in segment payload [ 207.838374][ T5905] NILFS (loop0): invalid segment: Checksum error in segment payload [ 207.851407][ T5905] NILFS (loop0): trying rollback from an earlier position [pid 5065] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./67/binderfs") = 0 [ 207.899297][ T5904] NILFS (loop2): trying rollback from an earlier position [ 207.938819][ T5905] NILFS (loop0): recovery complete [pid 5065] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5905] <... mount resumed>) = 0 [pid 5905] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5905] chdir("./file0") = 0 [pid 5905] ioctl(4, LOOP_CLR_FD) = 0 [pid 5905] close(4) = 0 [pid 5905] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5905] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5905] ftruncate(5, 33587195) = 0 [ 207.959888][ T5907] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 207.996644][ T5904] NILFS (loop2): recovery complete [pid 5905] sendfile(4, 5, NULL, 281474978811909 [pid 5904] <... mount resumed>) = 0 [pid 5904] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5904] chdir("./file0") = 0 [pid 5904] ioctl(4, LOOP_CLR_FD) = 0 [pid 5904] close(4) = 0 [pid 5904] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 208.060673][ T5908] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5904] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5904] ftruncate(5, 33587195) = 0 [pid 5904] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, [pid 5068] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] close(4) = 0 [pid 5068] lstat("./68/file0", [pid 5065] rmdir("./67/file0" [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5068] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./67" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] mkdir("./68", 0777 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] <... mkdir resumed>) = 0 [pid 5068] getdents64(4, [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5065] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5068] rmdir("./68/file0") = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] getdents64(3, [pid 5065] close(3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5065] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] rmdir("./68") = 0 [pid 5068] mkdir("./69", 0777 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 5909 [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5909 attached ) = 3 [pid 5909] chdir("./68" [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5909] <... chdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5909] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] close(3 [pid 5909] <... prctl resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5909] setpgid(0, 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5909] <... setpgid resumed>) = 0 [pid 5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 5910 [pid 5909] <... openat resumed>) = 3 [pid 5909] write(3, "1000", 4 [pid 5899] <... sendfile resumed>) = 1048576 [pid 5909] <... write resumed>) = 4 [pid 5899] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5909] close(3 [pid 5899] <... open resumed>) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 5910 attached [pid 5909] <... close resumed>) = 0 [pid 5899] exit_group(0 [pid 5909] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5899] <... exit_group resumed>) = ? [pid 5909] memfd_create("syzkaller", 0) = 3 [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5899] +++ exited with 0 +++ [pid 5910] chdir("./69" [pid 5909] <... mmap resumed>) = 0x7fc0314e0000 [pid 5910] <... chdir resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5899, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5910] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5910] <... prctl resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] setpgid(0, 0) = 0 [pid 5067] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... openat resumed>) = 3 [pid 5910] <... openat resumed>) = 3 [pid 5067] fstat(3, [pid 5910] write(3, "1000", 4 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5910] <... write resumed>) = 4 [pid 5067] getdents64(3, [pid 5910] close(3 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5910] <... close resumed>) = 0 [pid 5067] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5910] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] <... symlink resumed>) = 0 [pid 5067] lstat("./68/binderfs", [pid 5910] memfd_create("syzkaller", 0) = 3 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] unlink("./68/binderfs" [pid 5910] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... unlink resumed>) = 0 [pid 5909] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5909] <... write resumed>) = 2097152 [pid 5910] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5909] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5909] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5909] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5909] close(3) = 0 [pid 5909] mkdir("./file0", 0777 [pid 5910] <... write resumed>) = 2097152 [pid 5909] <... mkdir resumed>) = 0 [ 208.500227][ T5909] loop1: detected capacity change from 0 to 4096 [pid 5909] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5910] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5910] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5910] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5910] close(3) = 0 [pid 5910] mkdir("./file0", 0777) = 0 [ 208.562489][ T5909] NILFS (loop1): invalid segment: Checksum error in segment payload [ 208.589475][ T5910] loop4: detected capacity change from 0 to 4096 [pid 5067] <... umount2 resumed>) = 0 [pid 5910] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [ 208.636884][ T5909] NILFS (loop1): trying rollback from an earlier position [pid 5067] close(4) = 0 [pid 5067] rmdir("./68/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./68") = 0 [pid 5067] mkdir("./69", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 208.690718][ T5910] NILFS (loop4): invalid segment: Checksum error in segment payload [ 208.727902][ T5909] NILFS (loop1): recovery complete [pid 5067] close(3 [pid 5909] <... mount resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5912 [pid 5909] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5909] chdir("./file0"./strace-static-x86_64: Process 5912 attached ) = 0 [pid 5912] chdir("./69") = 0 [pid 5909] ioctl(4, LOOP_CLR_FD [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5909] <... ioctl resumed>) = 0 [pid 5912] <... prctl resumed>) = 0 [pid 5912] setpgid(0, 0) = 0 [pid 5909] close(4 [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5909] <... close resumed>) = 0 [pid 5912] <... openat resumed>) = 3 [pid 5909] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5912] write(3, "1000", 4 [pid 5909] <... open resumed>) = 4 [pid 5912] <... write resumed>) = 4 [pid 5909] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [ 208.738367][ T5910] NILFS (loop4): trying rollback from an earlier position [ 208.756285][ T5911] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 208.784904][ T5910] NILFS (loop4): recovery complete [pid 5912] close(3) = 0 [pid 5909] <... open resumed>) = 5 [pid 5912] symlink("/dev/binderfs", "./binderfs" [pid 5910] <... mount resumed>) = 0 [pid 5909] ftruncate(5, 33587195 [pid 5912] <... symlink resumed>) = 0 [pid 5910] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5909] <... ftruncate resumed>) = 0 [pid 5912] memfd_create("syzkaller", 0 [pid 5910] <... openat resumed>) = 3 [pid 5909] sendfile(4, 5, NULL, 281474978811909 [pid 5912] <... memfd_create resumed>) = 3 [pid 5910] chdir("./file0" [pid 5912] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5910] <... chdir resumed>) = 0 [pid 5912] <... mmap resumed>) = 0x7fc0314e0000 [pid 5910] ioctl(4, LOOP_CLR_FD [pid 5912] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5910] <... ioctl resumed>) = 0 [pid 5910] close(4) = 0 [ 208.833233][ T5913] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5910] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5910] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5910] ftruncate(5, 33587195) = 0 [pid 5910] sendfile(4, 5, NULL, 281474978811909 [pid 5905] <... sendfile resumed>) = 1048576 [pid 5905] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5905] exit_group(0) = ? [pid 5905] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5903] <... sendfile resumed>) = 1048576 [pid 5903] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5903] exit_group(0) = ? [pid 5064] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5903] +++ exited with 0 +++ [pid 5064] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5903, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5064] <... openat resumed>) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] lstat("./68/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] unlink("./68/binderfs") = 0 [pid 5069] <... openat resumed>) = 3 [pid 5064] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, [pid 5912] <... write resumed>) = 2097152 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./69/binderfs") = 0 [pid 5069] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5912] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5912] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5912] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5912] close(3) = 0 [pid 5912] mkdir("./file0", 0777) = 0 [ 209.071223][ T5912] loop3: detected capacity change from 0 to 4096 [ 209.136870][ T5912] NILFS (loop3): invalid segment: Checksum error in segment payload [ 209.144949][ T5912] NILFS (loop3): trying rollback from an earlier position [pid 5912] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5904] <... sendfile resumed>) = 1048576 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5904] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5904] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] <... openat resumed>) = 4 [pid 5904] exit_group(0 [pid 5064] fstat(4, [pid 5904] <... exit_group resumed>) = ? [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5904] +++ exited with 0 +++ [pid 5064] getdents64(4, [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5904, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5064] getdents64(4, [pid 5066] <... restart_syscall resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] close(4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... close resumed>) = 0 [pid 5069] lstat("./69/file0", [pid 5066] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] rmdir("./68/file0" [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... rmdir resumed>) = 0 [pid 5069] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] getdents64(3, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 3 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] fstat(3, [pid 5064] close(3 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... close resumed>) = 0 [pid 5066] getdents64(3, [pid 5064] rmdir("./68" [ 209.279281][ T5912] NILFS (loop3): recovery complete [pid 5069] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... rmdir resumed>) = 0 [pid 5912] <... mount resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5066] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] mkdir("./69", 0777 [pid 5912] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... mkdir resumed>) = 0 [pid 5912] <... openat resumed>) = 3 [pid 5066] lstat("./68/binderfs", [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5912] chdir("./file0" [pid 5069] fstat(4, [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5912] <... chdir resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] unlink("./68/binderfs" [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5912] ioctl(4, LOOP_CLR_FD [pid 5069] getdents64(4, [pid 5066] <... unlink resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5912] <... ioctl resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] close(3 [pid 5912] close(4 [pid 5069] getdents64(4, [pid 5064] <... close resumed>) = 0 [pid 5912] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5912] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5915 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5912] <... open resumed>) = 4 [pid 5069] <... close resumed>) = 0 [pid 5912] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] rmdir("./69/file0") = 0 [pid 5912] <... open resumed>) = 5 [pid 5069] getdents64(3, [pid 5912] ftruncate(5, 33587195 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5912] <... ftruncate resumed>) = 0 [pid 5069] close(3 [pid 5912] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./69") = 0 [ 209.328496][ T5914] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5069] mkdir("./70", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5916 ./strace-static-x86_64: Process 5915 attached [pid 5915] chdir("./69"./strace-static-x86_64: Process 5916 attached ) = 0 [pid 5916] chdir("./70" [pid 5915] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5916] <... chdir resumed>) = 0 [pid 5915] <... prctl resumed>) = 0 [pid 5916] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5915] setpgid(0, 0 [pid 5916] <... prctl resumed>) = 0 [pid 5916] setpgid(0, 0 [pid 5915] <... setpgid resumed>) = 0 [pid 5916] <... setpgid resumed>) = 0 [pid 5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5915] <... openat resumed>) = 3 [pid 5916] write(3, "1000", 4 [pid 5915] write(3, "1000", 4 [pid 5916] <... write resumed>) = 4 [pid 5915] <... write resumed>) = 4 [pid 5916] close(3 [pid 5915] close(3 [pid 5916] <... close resumed>) = 0 [pid 5915] <... close resumed>) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5916] symlink("/dev/binderfs", "./binderfs" [pid 5915] symlink("/dev/binderfs", "./binderfs" [pid 5066] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5916] <... symlink resumed>) = 0 [pid 5915] <... symlink resumed>) = 0 [pid 5915] memfd_create("syzkaller", 0 [pid 5916] memfd_create("syzkaller", 0 [pid 5915] <... memfd_create resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5916] <... memfd_create resumed>) = 3 [pid 5915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] lstat("./68/file0", [pid 5916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5915] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5916] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] rmdir("./68/file0" [pid 5916] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./68") = 0 [pid 5066] mkdir("./69", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5917 ./strace-static-x86_64: Process 5917 attached [pid 5917] chdir("./69") = 0 [pid 5917] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5916] <... write resumed>) = 2097152 [pid 5917] <... prctl resumed>) = 0 [pid 5917] setpgid(0, 0 [pid 5916] munmap(0x7fc0314e0000, 2097152 [pid 5917] <... setpgid resumed>) = 0 [pid 5915] <... write resumed>) = 2097152 [pid 5917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5916] <... munmap resumed>) = 0 [pid 5917] <... openat resumed>) = 3 [pid 5916] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5917] write(3, "1000", 4 [pid 5916] <... openat resumed>) = 4 [pid 5917] <... write resumed>) = 4 [pid 5916] ioctl(4, LOOP_SET_FD, 3 [pid 5917] close(3 [pid 5915] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5917] <... close resumed>) = 0 [pid 5917] symlink("/dev/binderfs", "./binderfs" [pid 5916] <... ioctl resumed>) = 0 [pid 5915] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5917] <... symlink resumed>) = 0 [pid 5915] <... openat resumed>) = 4 [pid 5916] close(3 [pid 5915] ioctl(4, LOOP_SET_FD, 3 [pid 5917] memfd_create("syzkaller", 0 [pid 5916] <... close resumed>) = 0 [pid 5915] <... ioctl resumed>) = 0 [pid 5917] <... memfd_create resumed>) = 3 [pid 5916] mkdir("./file0", 0777 [pid 5915] close(3 [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5915] <... close resumed>) = 0 [pid 5916] <... mkdir resumed>) = 0 [pid 5915] mkdir("./file0", 0777) = 0 [pid 5915] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5917] <... mmap resumed>) = 0x7fc0314e0000 [ 209.730288][ T5916] loop5: detected capacity change from 0 to 4096 [ 209.758017][ T5915] loop0: detected capacity change from 0 to 4096 [pid 5916] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 209.792423][ T5916] NILFS (loop5): invalid segment: Checksum error in segment payload [ 209.800024][ T5915] NILFS (loop0): invalid segment: Checksum error in segment payload [ 209.845585][ T5916] NILFS (loop5): trying rollback from an earlier position [ 209.849388][ T5915] NILFS (loop0): trying rollback from an earlier position [pid 5917] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 5916] <... mount resumed>) = 0 [pid 5910] <... sendfile resumed>) = 1048576 [pid 5917] munmap(0x7fc0314e0000, 2097152 [pid 5916] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5910] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5917] <... munmap resumed>) = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5916] <... openat resumed>) = 3 [pid 5910] exit_group(0 [pid 5909] <... sendfile resumed>) = 1048576 [pid 5917] <... openat resumed>) = 4 [pid 5916] chdir("./file0" [pid 5910] <... exit_group resumed>) = ? [pid 5917] ioctl(4, LOOP_SET_FD, 3 [pid 5916] <... chdir resumed>) = 0 [pid 5909] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5916] ioctl(4, LOOP_CLR_FD [pid 5910] +++ exited with 0 +++ [pid 5909] <... open resumed>) = -1 EFAULT (Bad address) [pid 5909] exit_group(0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5909] <... exit_group resumed>) = ? [pid 5916] <... ioctl resumed>) = 0 [pid 5909] +++ exited with 0 +++ [pid 5917] <... ioctl resumed>) = 0 [ 209.922905][ T5916] NILFS (loop5): recovery complete [ 209.939427][ T5918] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 209.951001][ T5915] NILFS (loop0): recovery complete [pid 5916] close(4 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5909, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5917] close(3 [pid 5916] <... close resumed>) = 0 [pid 5068] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5917] <... close resumed>) = 0 [pid 5916] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5917] mkdir("./file0", 0777 [pid 5068] <... openat resumed>) = 3 [ 209.970317][ T5917] loop2: detected capacity change from 0 to 4096 [pid 5917] <... mkdir resumed>) = 0 [pid 5916] <... open resumed>) = 4 [pid 5068] fstat(3, [pid 5917] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5916] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5915] <... mount resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5916] <... open resumed>) = 5 [pid 5915] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] getdents64(3, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5916] ftruncate(5, 33587195 [pid 5915] <... openat resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5916] <... ftruncate resumed>) = 0 [pid 5915] chdir("./file0" [pid 5068] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [pid 5916] sendfile(4, 5, NULL, 281474978811909 [pid 5915] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] fstat(3, [pid 5915] ioctl(4, LOOP_CLR_FD [pid 5068] lstat("./69/binderfs", [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5915] <... ioctl resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] getdents64(3, [pid 5915] close(4 [pid 5068] unlink("./69/binderfs" [pid 5915] <... close resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5915] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5915] <... open resumed>) = 4 [pid 5915] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5915] <... open resumed>) = 5 [pid 5065] lstat("./68/binderfs", [pid 5915] ftruncate(5, 33587195 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5915] <... ftruncate resumed>) = 0 [pid 5065] unlink("./68/binderfs" [ 209.998944][ T5919] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5915] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... unlink resumed>) = 0 [ 210.052466][ T5917] NILFS (loop2): invalid segment: Checksum error in segment payload [ 210.108731][ T5917] NILFS (loop2): trying rollback from an earlier position [pid 5065] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [ 210.198138][ T5917] NILFS (loop2): recovery complete [pid 5917] <... mount resumed>) = 0 [pid 5917] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5917] chdir("./file0") = 0 [pid 5917] ioctl(4, LOOP_CLR_FD) = 0 [pid 5917] close(4 [pid 5912] <... sendfile resumed>) = 1048576 [pid 5917] <... close resumed>) = 0 [pid 5068] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5917] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5912] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5917] <... open resumed>) = 4 [pid 5912] exit_group(0 [pid 5917] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5912] <... exit_group resumed>) = ? [pid 5917] <... open resumed>) = 5 [pid 5912] +++ exited with 0 +++ [pid 5917] ftruncate(5, 33587195 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5917] <... ftruncate resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5917] sendfile(4, 5, NULL, 281474978811909 [pid 5068] lstat("./69/file0", [pid 5067] <... restart_syscall resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... openat resumed>) = 4 [pid 5067] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] fstat(4, [pid 5067] <... openat resumed>) = 3 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] fstat(3, [pid 5068] getdents64(4, [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(3, [ 210.237814][ T5920] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] getdents64(4, [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... close resumed>) = 0 [pid 5067] lstat("./69/binderfs", [pid 5068] rmdir("./69/file0" [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] unlink("./69/binderfs" [pid 5068] getdents64(3, [pid 5067] <... unlink resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(3) = 0 [pid 5068] rmdir("./69") = 0 [pid 5068] mkdir("./70", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5921 [pid 5065] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5921 attached [pid 5065] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5921] chdir("./70" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5921] <... chdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5921] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... openat resumed>) = 4 [pid 5921] <... prctl resumed>) = 0 [pid 5065] fstat(4, [pid 5921] setpgid(0, 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5921] <... setpgid resumed>) = 0 [pid 5065] getdents64(4, [pid 5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5921] <... openat resumed>) = 3 [pid 5065] getdents64(4, [pid 5921] write(3, "1000", 4 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5921] <... write resumed>) = 4 [pid 5065] close(4 [pid 5921] close(3 [pid 5065] <... close resumed>) = 0 [pid 5921] <... close resumed>) = 0 [pid 5065] rmdir("./68/file0" [pid 5921] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... rmdir resumed>) = 0 [pid 5921] <... symlink resumed>) = 0 [pid 5065] getdents64(3, [pid 5921] memfd_create("syzkaller", 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5921] <... memfd_create resumed>) = 3 [pid 5065] close(3 [pid 5921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... close resumed>) = 0 [pid 5921] <... mmap resumed>) = 0x7fc0314e0000 [pid 5065] rmdir("./68") = 0 [pid 5065] mkdir("./69", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5922 ./strace-static-x86_64: Process 5922 attached [pid 5922] chdir("./69") = 0 [pid 5922] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5922] setpgid(0, 0) = 0 [pid 5922] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5922] write(3, "1000", 4) = 4 [pid 5922] close(3) = 0 [pid 5922] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5921] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5922] memfd_create("syzkaller", 0) = 3 [pid 5922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5922] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./69/file0", [pid 5921] <... write resumed>) = 2097152 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5921] munmap(0x7fc0314e0000, 2097152 [pid 5067] fstat(4, [pid 5921] <... munmap resumed>) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5921] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] getdents64(4, [pid 5921] <... openat resumed>) = 4 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5921] ioctl(4, LOOP_SET_FD, 3 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./69/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./69") = 0 [pid 5067] mkdir("./70", 0777 [pid 5922] <... write resumed>) = 2097152 [pid 5067] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5921] <... ioctl resumed>) = 0 [pid 5067] close(3 [pid 5921] close(3 [pid 5067] <... close resumed>) = 0 [pid 5921] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5921] mkdir("./file0", 0777) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 5923 [ 210.625209][ T5921] loop4: detected capacity change from 0 to 4096 [pid 5921] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 5923 attached [pid 5923] chdir("./70" [pid 5922] munmap(0x7fc0314e0000, 2097152 [pid 5923] <... chdir resumed>) = 0 [pid 5922] <... munmap resumed>) = 0 [pid 5923] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5922] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5923] <... prctl resumed>) = 0 [pid 5922] <... openat resumed>) = 4 [pid 5922] ioctl(4, LOOP_SET_FD, 3 [pid 5923] setpgid(0, 0) = 0 [pid 5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5923] write(3, "1000", 4) = 4 [pid 5923] close(3) = 0 [pid 5922] <... ioctl resumed>) = 0 [pid 5923] symlink("/dev/binderfs", "./binderfs" [pid 5922] close(3 [pid 5923] <... symlink resumed>) = 0 [pid 5922] <... close resumed>) = 0 [pid 5923] memfd_create("syzkaller", 0 [pid 5922] mkdir("./file0", 0777 [pid 5923] <... memfd_create resumed>) = 3 [pid 5922] <... mkdir resumed>) = 0 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5922] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5923] <... mmap resumed>) = 0x7fc0314e0000 [ 210.705296][ T5921] NILFS (loop4): invalid segment: Checksum error in segment payload [ 210.734276][ T5922] loop1: detected capacity change from 0 to 4096 [ 210.794196][ T5921] NILFS (loop4): trying rollback from an earlier position [ 210.812374][ T5922] NILFS (loop1): invalid segment: Checksum error in segment payload [ 210.844966][ T5922] NILFS (loop1): trying rollback from an earlier position [ 210.869664][ T5921] NILFS (loop4): recovery complete [pid 5923] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5921] <... mount resumed>) = 0 [pid 5921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5921] chdir("./file0") = 0 [pid 5921] ioctl(4, LOOP_CLR_FD [pid 5923] <... write resumed>) = 2097152 [pid 5923] munmap(0x7fc0314e0000, 2097152 [pid 5921] <... ioctl resumed>) = 0 [pid 5921] close(4) = 0 [pid 5921] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5921] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5921] ftruncate(5, 33587195) = 0 [ 210.905376][ T5924] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5921] sendfile(4, 5, NULL, 281474978811909 [pid 5923] <... munmap resumed>) = 0 [pid 5923] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5923] ioctl(4, LOOP_SET_FD, 3 [pid 5916] <... sendfile resumed>) = 1048576 [pid 5916] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5916] exit_group(0 [pid 5922] <... mount resumed>) = 0 [pid 5916] <... exit_group resumed>) = ? [pid 5916] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5916, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5922] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5923] <... ioctl resumed>) = 0 [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5923] close(3 [pid 5922] <... openat resumed>) = 3 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5923] <... close resumed>) = 0 [pid 5922] chdir("./file0" [ 210.947298][ T5922] NILFS (loop1): recovery complete [ 210.961020][ T5923] loop3: detected capacity change from 0 to 4096 [ 210.985943][ T5925] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5923] mkdir("./file0", 0777 [pid 5922] <... chdir resumed>) = 0 [pid 5923] <... mkdir resumed>) = 0 [pid 5922] ioctl(4, LOOP_CLR_FD [pid 5069] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5923] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5922] <... ioctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5922] close(4 [pid 5069] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5922] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5922] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5922] <... open resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5922] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./70/binderfs" [pid 5922] <... open resumed>) = 5 [pid 5069] <... unlink resumed>) = 0 [pid 5922] ftruncate(5, 33587195 [pid 5069] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5922] <... ftruncate resumed>) = 0 [pid 5922] sendfile(4, 5, NULL, 281474978811909 [pid 5915] <... sendfile resumed>) = 1048576 [pid 5915] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5915] exit_group(0) = ? [pid 5915] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} --- [pid 5064] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 211.069776][ T5923] NILFS (loop3): invalid segment: Checksum error in segment payload [ 211.103837][ T5923] NILFS (loop3): trying rollback from an earlier position [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./69/binderfs") = 0 [pid 5064] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5923] <... mount resumed>) = 0 [pid 5923] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5923] chdir("./file0") = 0 [pid 5923] ioctl(4, LOOP_CLR_FD) = 0 [ 211.197663][ T5923] NILFS (loop3): recovery complete [ 211.205803][ T5926] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5923] close(4) = 0 [pid 5923] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5923] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5923] ftruncate(5, 33587195) = 0 [pid 5923] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./70/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./70") = 0 [pid 5069] mkdir("./71", 0777) = 0 [pid 5917] <... sendfile resumed>) = 1048576 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5917] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... openat resumed>) = 3 [pid 5917] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5917] exit_group(0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5917] <... exit_group resumed>) = ? [pid 5069] close(3 [pid 5917] +++ exited with 0 +++ [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5917, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5927 [pid 5066] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, ./strace-static-x86_64: Process 5927 attached 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5927] chdir("./71" [pid 5066] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5927] <... chdir resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5927] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] lstat("./69/binderfs", [pid 5927] <... prctl resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5927] setpgid(0, 0 [pid 5066] unlink("./69/binderfs" [pid 5927] <... setpgid resumed>) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5927] <... openat resumed>) = 3 [pid 5927] write(3, "1000", 4) = 4 [pid 5927] close(3) = 0 [pid 5927] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5927] memfd_create("syzkaller", 0) = 3 [pid 5927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5927] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] close(4) = 0 [pid 5064] rmdir("./69/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./69") = 0 [pid 5064] mkdir("./70", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5928 ./strace-static-x86_64: Process 5928 attached [pid 5928] chdir("./70") = 0 [pid 5928] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5928] setpgid(0, 0) = 0 [pid 5928] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5928] write(3, "1000", 4) = 4 [pid 5928] close(3) = 0 [pid 5927] <... write resumed>) = 2097152 [pid 5928] symlink("/dev/binderfs", "./binderfs" [pid 5927] munmap(0x7fc0314e0000, 2097152 [pid 5928] <... symlink resumed>) = 0 [pid 5928] memfd_create("syzkaller", 0) = 3 [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5927] <... munmap resumed>) = 0 [pid 5928] <... mmap resumed>) = 0x7fc0314e0000 [pid 5927] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5927] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5927] <... ioctl resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5927] close(3) = 0 [pid 5928] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5927] mkdir("./file0", 0777 [pid 5066] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5927] <... mkdir resumed>) = 0 [pid 5927] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... openat resumed>) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 211.630176][ T5927] loop5: detected capacity change from 0 to 4096 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./69/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./69") = 0 [pid 5066] mkdir("./70", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 5928] <... write resumed>) = 2097152 [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5929 [ 211.701612][ T5927] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5928] munmap(0x7fc0314e0000, 2097152./strace-static-x86_64: Process 5929 attached ) = 0 [pid 5929] chdir("./70" [pid 5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5929] <... chdir resumed>) = 0 [pid 5928] <... openat resumed>) = 4 [pid 5929] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5928] ioctl(4, LOOP_SET_FD, 3 [pid 5929] <... prctl resumed>) = 0 [ 211.760254][ T5927] NILFS (loop5): trying rollback from an earlier position [pid 5929] setpgid(0, 0) = 0 [pid 5928] <... ioctl resumed>) = 0 [pid 5929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5928] close(3 [pid 5929] <... openat resumed>) = 3 [pid 5928] <... close resumed>) = 0 [pid 5929] write(3, "1000", 4 [pid 5928] mkdir("./file0", 0777 [pid 5929] <... write resumed>) = 4 [pid 5928] <... mkdir resumed>) = 0 [pid 5929] close(3 [pid 5928] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5929] <... close resumed>) = 0 [pid 5929] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5929] memfd_create("syzkaller", 0) = 3 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5927] <... mount resumed>) = 0 [ 211.820335][ T5928] loop0: detected capacity change from 0 to 4096 [ 211.834670][ T5927] NILFS (loop5): recovery complete [ 211.850902][ T5928] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 5929] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5927] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5927] chdir("./file0") = 0 [pid 5927] ioctl(4, LOOP_CLR_FD) = 0 [pid 5927] close(4) = 0 [pid 5927] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5927] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5927] ftruncate(5, 33587195) = 0 [ 211.869439][ T5930] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 211.908566][ T5928] NILFS (loop0): trying rollback from an earlier position [pid 5927] sendfile(4, 5, NULL, 281474978811909 [pid 5921] <... sendfile resumed>) = 1048576 [pid 5921] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5921] exit_group(0) = ? [pid 5921] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5921, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5068] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5929] <... write resumed>) = 2097152 [pid 5068] <... openat resumed>) = 3 [pid 5929] munmap(0x7fc0314e0000, 2097152 [ 212.010368][ T5928] NILFS (loop0): recovery complete [pid 5068] fstat(3, [pid 5929] <... munmap resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] getdents64(3, [pid 5929] <... openat resumed>) = 4 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5929] ioctl(4, LOOP_SET_FD, 3 [pid 5068] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5928] <... mount resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5928] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] lstat("./70/binderfs", [pid 5928] <... openat resumed>) = 3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5928] chdir("./file0" [pid 5068] unlink("./70/binderfs" [pid 5928] <... chdir resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5928] ioctl(4, LOOP_CLR_FD [pid 5068] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5928] <... ioctl resumed>) = 0 [pid 5928] close(4) = 0 [pid 5928] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5929] <... ioctl resumed>) = 0 [pid 5929] close(3) = 0 [pid 5929] mkdir("./file0", 0777) = 0 [pid 5929] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5928] <... open resumed>) = 4 [pid 5928] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5928] ftruncate(5, 33587195) = 0 [ 212.071067][ T5929] loop2: detected capacity change from 0 to 4096 [ 212.071307][ T5931] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 212.136970][ T5929] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5928] sendfile(4, 5, NULL, 281474978811909 [pid 5922] <... sendfile resumed>) = 1048576 [pid 5922] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5922] exit_group(0) = ? [pid 5922] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5922, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5065] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./69/binderfs") = 0 [ 212.193018][ T5929] NILFS (loop2): trying rollback from an earlier position [pid 5065] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5929] <... mount resumed>) = 0 [ 212.268256][ T5929] NILFS (loop2): recovery complete [pid 5929] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5929] chdir("./file0") = 0 [pid 5929] ioctl(4, LOOP_CLR_FD) = 0 [pid 5929] close(4) = 0 [pid 5929] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5929] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5929] ftruncate(5, 33587195) = 0 [pid 5929] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... umount2 resumed>) = 0 [ 212.309390][ T5932] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5923] <... sendfile resumed>) = 1048576 [pid 5068] <... openat resumed>) = 4 [pid 5923] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] fstat(4, [pid 5923] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5923] exit_group(0 [pid 5068] getdents64(4, [pid 5923] <... exit_group resumed>) = ? [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5923] +++ exited with 0 +++ [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5923, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5068] close(4 [pid 5067] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] rmdir("./70/file0" [pid 5067] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] fstat(3, [pid 5068] getdents64(3, [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] getdents64(3, [pid 5068] close(3 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... close resumed>) = 0 [pid 5067] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./70" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... rmdir resumed>) = 0 [pid 5067] lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] mkdir("./71", 0777 [pid 5067] unlink("./70/binderfs" [pid 5068] <... mkdir resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5933 ./strace-static-x86_64: Process 5933 attached [pid 5933] chdir("./71") = 0 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5933] setpgid(0, 0) = 0 [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5933] write(3, "1000", 4) = 4 [pid 5933] close(3) = 0 [pid 5933] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5933] memfd_create("syzkaller", 0) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./69/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 5933] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./69") = 0 [pid 5065] mkdir("./70", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5934 ./strace-static-x86_64: Process 5934 attached [pid 5934] chdir("./70") = 0 [pid 5934] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5934] setpgid(0, 0) = 0 [pid 5934] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5934] write(3, "1000", 4) = 4 [pid 5934] close(3) = 0 [pid 5934] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5934] memfd_create("syzkaller", 0) = 3 [pid 5934] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5933] <... write resumed>) = 2097152 [pid 5933] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5933] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5934] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5933] <... ioctl resumed>) = 0 [pid 5933] close(3 [pid 5067] <... openat resumed>) = 4 [pid 5933] <... close resumed>) = 0 [pid 5067] fstat(4, [pid 5933] mkdir("./file0", 0777 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5933] <... mkdir resumed>) = 0 [pid 5067] getdents64(4, [pid 5933] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./70/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./70") = 0 [ 212.717456][ T5933] loop4: detected capacity change from 0 to 4096 [pid 5067] mkdir("./71", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5935 ./strace-static-x86_64: Process 5935 attached [ 212.775090][ T5933] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5935] chdir("./71") = 0 [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5935] setpgid(0, 0) = 0 [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5935] write(3, "1000", 4) = 4 [pid 5934] <... write resumed>) = 2097152 [pid 5935] close(3) = 0 [pid 5935] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5935] memfd_create("syzkaller", 0) = 3 [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5934] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5934] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5934] ioctl(4, LOOP_SET_FD, 3) = 0 [ 212.828006][ T5933] NILFS (loop4): trying rollback from an earlier position [pid 5935] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5934] close(3) = 0 [pid 5934] mkdir("./file0", 0777) = 0 [ 212.887306][ T5934] loop1: detected capacity change from 0 to 4096 [ 212.910232][ T5933] NILFS (loop4): recovery complete [pid 5934] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5933] <... mount resumed>) = 0 [pid 5927] <... sendfile resumed>) = 1048576 [pid 5933] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5927] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5933] <... openat resumed>) = 3 [pid 5927] <... open resumed>) = -1 EFAULT (Bad address) [pid 5933] chdir("./file0" [pid 5927] exit_group(0 [pid 5933] <... chdir resumed>) = 0 [pid 5933] ioctl(4, LOOP_CLR_FD [pid 5927] <... exit_group resumed>) = ? [pid 5933] <... ioctl resumed>) = 0 [pid 5935] <... write resumed>) = 2097152 [pid 5933] close(4 [pid 5927] +++ exited with 0 +++ [pid 5935] munmap(0x7fc0314e0000, 2097152 [pid 5933] <... close resumed>) = 0 [pid 5935] <... munmap resumed>) = 0 [pid 5933] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5927, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=30 /* 0.30 s */} --- [pid 5935] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5935] <... openat resumed>) = 4 [pid 5069] <... restart_syscall resumed>) = 0 [ 212.931348][ T5936] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 212.954902][ T5934] NILFS (loop1): invalid segment: Checksum error in segment payload [ 212.975639][ T5934] NILFS (loop1): trying rollback from an earlier position [pid 5935] ioctl(4, LOOP_SET_FD, 3 [pid 5933] <... open resumed>) = 4 [pid 5933] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] <... open resumed>) = 5 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5933] ftruncate(5, 33587195 [pid 5069] <... openat resumed>) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./71/binderfs") = 0 [pid 5069] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] <... ftruncate resumed>) = 0 [pid 5933] sendfile(4, 5, NULL, 281474978811909 [pid 5935] <... ioctl resumed>) = 0 [pid 5935] close(3) = 0 [pid 5935] mkdir("./file0", 0777) = 0 [ 212.997735][ T5934] NILFS (loop1): recovery complete [ 212.998072][ T5935] loop3: detected capacity change from 0 to 4096 [pid 5935] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5934] <... mount resumed>) = 0 [pid 5934] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5934] chdir("./file0") = 0 [pid 5934] ioctl(4, LOOP_CLR_FD) = 0 [pid 5934] close(4) = 0 [pid 5934] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5934] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5934] ftruncate(5, 33587195) = 0 [ 213.055704][ T5937] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 213.088198][ T5935] NILFS (loop3): invalid segment: Checksum error in segment payload [ 213.139732][ T5935] NILFS (loop3): trying rollback from an earlier position [ 213.227329][ T5935] NILFS (loop3): recovery complete [pid 5934] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./71/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./71" [pid 5935] <... mount resumed>) = 0 [pid 5935] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5069] <... rmdir resumed>) = 0 [pid 5935] chdir("./file0" [pid 5069] mkdir("./72", 0777 [pid 5935] <... chdir resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5935] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5935] close(4 [pid 5069] <... openat resumed>) = 3 [pid 5935] <... close resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5935] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5935] <... open resumed>) = 4 [pid 5935] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] close(3 [pid 5935] <... open resumed>) = 5 [pid 5069] <... close resumed>) = 0 [pid 5935] ftruncate(5, 33587195 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5935] <... ftruncate resumed>) = 0 [pid 5935] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5939 [ 213.281255][ T5938] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds ./strace-static-x86_64: Process 5939 attached [pid 5939] chdir("./72") = 0 [pid 5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5939] setpgid(0, 0) = 0 [pid 5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5939] write(3, "1000", 4) = 4 [pid 5939] close(3) = 0 [pid 5939] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5939] memfd_create("syzkaller", 0) = 3 [pid 5939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5928] <... sendfile resumed>) = 1048576 [pid 5928] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5939] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5928] <... open resumed>) = -1 EFAULT (Bad address) [pid 5928] exit_group(0) = ? [pid 5929] <... sendfile resumed>) = 1048576 [pid 5928] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5928, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} --- [pid 5929] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5929] exit_group(0) = ? [pid 5929] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5929, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5064] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] fstat(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] getdents64(3, [pid 5066] <... openat resumed>) = 3 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] fstat(3, [pid 5939] <... write resumed>) = 2097152 [pid 5064] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(3, [pid 5939] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] lstat("./70/binderfs", [pid 5939] <... munmap resumed>) = 0 [pid 5066] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] unlink("./70/binderfs" [pid 5939] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] lstat("./70/binderfs", [pid 5939] <... openat resumed>) = 4 [pid 5064] <... unlink resumed>) = 0 [pid 5939] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./70/binderfs" [pid 5064] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5939] <... ioctl resumed>) = 0 [pid 5939] close(3) = 0 [pid 5939] mkdir("./file0", 0777) = 0 [ 213.469541][ T5939] loop5: detected capacity change from 0 to 4096 [ 213.543774][ T5939] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5939] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = 0 [ 213.597241][ T5939] NILFS (loop5): trying rollback from an earlier position [pid 5064] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./70/file0", [pid 5066] lstat("./70/file0", [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... openat resumed>) = 4 [pid 5064] <... openat resumed>) = 4 [pid 5066] fstat(4, [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, [pid 5066] getdents64(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5066] getdents64(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 5064] close(4 [pid 5066] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5066] rmdir("./70/file0" [pid 5064] rmdir("./70/file0" [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5064] <... rmdir resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] getdents64(3, [pid 5066] close(3) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [ 213.687127][ T5939] NILFS (loop5): recovery complete [pid 5066] rmdir("./70" [pid 5064] close(3 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5066] mkdir("./71", 0777 [pid 5064] rmdir("./70" [pid 5066] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... rmdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5064] mkdir("./71", 0777 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5939] <... mount resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5939] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5939] chdir("./file0") = 0 [pid 5939] ioctl(4, LOOP_CLR_FD) = 0 [pid 5939] close(4) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5939] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] close(3 [pid 5064] <... openat resumed>) = 3 [pid 5939] <... open resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5939] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5939] <... open resumed>) = 5 [pid 5064] close(3./strace-static-x86_64: Process 5941 attached [pid 5939] ftruncate(5, 33587195 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5941 [pid 5064] <... close resumed>) = 0 [pid 5941] chdir("./71" [pid 5939] <... ftruncate resumed>) = 0 [ 213.745673][ T5940] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5941] <... chdir resumed>) = 0 [pid 5939] sendfile(4, 5, NULL, 281474978811909 [pid 5941] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5942 ./strace-static-x86_64: Process 5942 attached [pid 5941] <... prctl resumed>) = 0 [pid 5941] setpgid(0, 0) = 0 [pid 5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5941] write(3, "1000", 4 [pid 5942] chdir("./71" [pid 5941] <... write resumed>) = 4 [pid 5942] <... chdir resumed>) = 0 [pid 5941] close(3 [pid 5942] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5941] <... close resumed>) = 0 [pid 5942] <... prctl resumed>) = 0 [pid 5941] symlink("/dev/binderfs", "./binderfs" [pid 5942] setpgid(0, 0 [pid 5941] <... symlink resumed>) = 0 [pid 5942] <... setpgid resumed>) = 0 [pid 5941] memfd_create("syzkaller", 0 [pid 5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5941] <... memfd_create resumed>) = 3 [pid 5942] <... openat resumed>) = 3 [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5942] write(3, "1000", 4 [pid 5941] <... mmap resumed>) = 0x7fc0314e0000 [pid 5942] <... write resumed>) = 4 [pid 5942] close(3) = 0 [pid 5942] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5942] memfd_create("syzkaller", 0) = 3 [pid 5942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5941] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5942] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5941] <... write resumed>) = 2097152 [pid 5941] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5941] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5941] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5941] close(3) = 0 [pid 5941] mkdir("./file0", 0777) = 0 [pid 5942] <... write resumed>) = 2097152 [pid 5941] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5942] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5942] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5942] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5942] close(3) = 0 [pid 5942] mkdir("./file0", 0777) = 0 [ 214.009554][ T5941] loop2: detected capacity change from 0 to 4096 [ 214.047354][ T5942] loop0: detected capacity change from 0 to 4096 [ 214.092454][ T5941] NILFS (loop2): invalid segment: Checksum error in segment payload [ 214.100961][ T5942] NILFS (loop0): invalid segment: Checksum error in segment payload [ 214.109170][ T5941] NILFS (loop2): trying rollback from an earlier position [ 214.116105][ T5942] NILFS (loop0): trying rollback from an earlier position [pid 5942] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5933] <... sendfile resumed>) = 1048576 [pid 5942] <... mount resumed>) = 0 [pid 5933] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5942] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5933] <... open resumed>) = -1 EFAULT (Bad address) [pid 5942] <... openat resumed>) = 3 [pid 5933] exit_group(0 [pid 5942] chdir("./file0" [pid 5933] <... exit_group resumed>) = ? [pid 5942] <... chdir resumed>) = 0 [pid 5942] ioctl(4, LOOP_CLR_FD) = 0 [pid 5933] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5942] close(4) = 0 [ 214.165421][ T5941] NILFS (loop2): recovery complete [ 214.171237][ T5942] NILFS (loop0): recovery complete [ 214.203184][ T5944] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5942] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5941] <... mount resumed>) = 0 [pid 5068] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5941] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5941] <... openat resumed>) = 3 [pid 5942] <... open resumed>) = 4 [pid 5941] chdir("./file0" [pid 5068] <... openat resumed>) = 3 [pid 5941] <... chdir resumed>) = 0 [pid 5068] fstat(3, [pid 5941] ioctl(4, LOOP_CLR_FD [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5941] <... ioctl resumed>) = 0 [pid 5068] getdents64(3, [pid 5941] close(4 [pid 5942] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5941] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5942] <... open resumed>) = 5 [pid 5941] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5942] ftruncate(5, 33587195 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5942] <... ftruncate resumed>) = 0 [pid 5941] <... open resumed>) = 4 [pid 5068] lstat("./71/binderfs", [pid 5942] sendfile(4, 5, NULL, 281474978811909 [pid 5941] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5941] <... open resumed>) = 5 [pid 5068] unlink("./71/binderfs") = 0 [pid 5941] ftruncate(5, 33587195) = 0 [pid 5068] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 214.220043][ T5943] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5941] sendfile(4, 5, NULL, 281474978811909 [pid 5934] <... sendfile resumed>) = 1048576 [pid 5934] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5934] exit_group(0) = ? [pid 5934] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5934, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5065] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./70/binderfs") = 0 [pid 5065] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5935] <... sendfile resumed>) = 1048576 [pid 5935] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5935] exit_group(0) = ? [pid 5935] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5067] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./71/binderfs") = 0 [pid 5067] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./71/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./71") = 0 [pid 5068] mkdir("./72", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5945 ./strace-static-x86_64: Process 5945 attached [pid 5945] chdir("./72") = 0 [pid 5945] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5065] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5945] setpgid(0, 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5945] <... setpgid resumed>) = 0 [pid 5065] lstat("./70/file0", [pid 5945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5945] <... openat resumed>) = 3 [pid 5065] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5945] write(3, "1000", 4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5945] <... write resumed>) = 4 [pid 5065] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5945] close(3 [pid 5065] <... openat resumed>) = 4 [pid 5945] <... close resumed>) = 0 [pid 5065] fstat(4, [pid 5945] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5945] <... symlink resumed>) = 0 [pid 5065] getdents64(4, [pid 5945] memfd_create("syzkaller", 0) = 3 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./70/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5945] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] rmdir("./70" [pid 5067] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5067] lstat("./71/file0", [pid 5065] mkdir("./71", 0777 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... mkdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... openat resumed>) = 3 [pid 5067] <... openat resumed>) = 4 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] fstat(4, [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(3 [pid 5067] getdents64(4, [pid 5065] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 5946 ./strace-static-x86_64: Process 5946 attached [pid 5067] <... close resumed>) = 0 [pid 5946] chdir("./71" [pid 5067] rmdir("./71/file0" [pid 5946] <... chdir resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5946] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] getdents64(3, [pid 5946] <... prctl resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5946] setpgid(0, 0 [pid 5067] close(3 [pid 5946] <... setpgid resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] rmdir("./71" [pid 5946] <... openat resumed>) = 3 [pid 5067] <... rmdir resumed>) = 0 [pid 5946] write(3, "1000", 4) = 4 [pid 5067] mkdir("./72", 0777 [pid 5946] close(3 [pid 5067] <... mkdir resumed>) = 0 [pid 5946] <... close resumed>) = 0 [pid 5946] symlink("/dev/binderfs", "./binderfs" [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5946] <... symlink resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5946] memfd_create("syzkaller", 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5946] <... memfd_create resumed>) = 3 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] close(3 [pid 5946] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5947 ./strace-static-x86_64: Process 5947 attached [pid 5947] chdir("./72") = 0 [pid 5947] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5947] setpgid(0, 0) = 0 [pid 5947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5947] write(3, "1000", 4) = 4 [pid 5947] close(3) = 0 [pid 5947] symlink("/dev/binderfs", "./binderfs" [pid 5946] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5947] <... symlink resumed>) = 0 [pid 5947] memfd_create("syzkaller", 0) = 3 [pid 5945] <... write resumed>) = 2097152 [pid 5947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5945] munmap(0x7fc0314e0000, 2097152 [pid 5947] <... mmap resumed>) = 0x7fc0314e0000 [pid 5946] <... write resumed>) = 2097152 [pid 5945] <... munmap resumed>) = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5945] ioctl(4, LOOP_SET_FD, 3 [pid 5947] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5945] <... ioctl resumed>) = 0 [pid 5945] close(3) = 0 [pid 5945] mkdir("./file0", 0777) = 0 [pid 5945] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5946] munmap(0x7fc0314e0000, 2097152) = 0 [ 214.929807][ T5945] loop4: detected capacity change from 0 to 4096 [pid 5946] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5946] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5946] close(3) = 0 [pid 5946] mkdir("./file0", 0777 [pid 5947] <... write resumed>) = 2097152 [pid 5946] <... mkdir resumed>) = 0 [pid 5946] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5947] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5947] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 214.984724][ T5945] NILFS (loop4): invalid segment: Checksum error in segment payload [ 214.993162][ T5945] NILFS (loop4): trying rollback from an earlier position [ 215.010990][ T5946] loop1: detected capacity change from 0 to 4096 [pid 5947] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5947] close(3) = 0 [pid 5947] mkdir("./file0", 0777 [pid 5939] <... sendfile resumed>) = 1048576 [pid 5939] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5939] exit_group(0) = ? [pid 5939] +++ exited with 0 +++ [pid 5947] <... mkdir resumed>) = 0 [pid 5947] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5939, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5069] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 215.051127][ T5947] loop3: detected capacity change from 0 to 4096 [ 215.064114][ T5946] NILFS (loop1): invalid segment: Checksum error in segment payload [ 215.071419][ T5945] NILFS (loop4): recovery complete [ 215.076396][ T5946] NILFS (loop1): trying rollback from an earlier position [pid 5069] unlink("./72/binderfs") = 0 [pid 5945] <... mount resumed>) = 0 [pid 5069] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5945] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5945] chdir("./file0") = 0 [pid 5945] ioctl(4, LOOP_CLR_FD) = 0 [pid 5945] close(4) = 0 [ 215.125918][ T5947] NILFS (loop3): invalid segment: Checksum error in segment payload [ 215.136153][ T5948] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 215.139087][ T5946] NILFS (loop1): recovery complete [ 215.148220][ T5947] NILFS (loop3): trying rollback from an earlier position [pid 5945] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5945] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5946] <... mount resumed>) = 0 [pid 5946] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5945] ftruncate(5, 33587195 [pid 5946] <... openat resumed>) = 3 [pid 5945] <... ftruncate resumed>) = 0 [pid 5946] chdir("./file0" [pid 5945] sendfile(4, 5, NULL, 281474978811909 [pid 5946] <... chdir resumed>) = 0 [pid 5946] ioctl(4, LOOP_CLR_FD) = 0 [pid 5946] close(4) = 0 [pid 5946] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5946] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5946] ftruncate(5, 33587195) = 0 [ 215.174515][ T5949] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5946] sendfile(4, 5, NULL, 281474978811909 [pid 5941] <... sendfile resumed>) = 1048576 [pid 5941] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5941] exit_group(0) = ? [pid 5941] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5066] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 215.223197][ T5947] NILFS (loop3): recovery complete [pid 5066] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./71/binderfs") = 0 [pid 5066] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5947] <... mount resumed>) = 0 [pid 5947] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5947] chdir("./file0") = 0 [pid 5947] ioctl(4, LOOP_CLR_FD) = 0 [pid 5947] close(4) = 0 [pid 5947] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5947] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5947] ftruncate(5, 33587195) = 0 [ 215.287632][ T5950] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5947] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./72/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./72") = 0 [pid 5069] mkdir("./73", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5951 [pid 5066] <... umount2 resumed>) = 0 [pid 5942] <... sendfile resumed>) = 1048576 [pid 5942] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5942] exit_group(0./strace-static-x86_64: Process 5951 attached ) = ? [pid 5951] chdir("./73" [pid 5942] +++ exited with 0 +++ [pid 5951] <... chdir resumed>) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5942, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5951] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5951] setpgid(0, 0) = 0 [pid 5951] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5951] write(3, "1000", 4) = 4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5951] close(3) = 0 [pid 5951] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5064] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5951] memfd_create("syzkaller", 0) = 3 [pid 5064] <... openat resumed>) = 3 [pid 5951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] lstat("./71/file0", [pid 5064] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./71/binderfs", [pid 5066] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] fstat(4, [pid 5064] unlink("./71/binderfs" [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... unlink resumed>) = 0 [pid 5066] getdents64(4, [pid 5064] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./71/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./71") = 0 [pid 5066] mkdir("./72", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5952 [pid 5951] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 5952 attached [pid 5952] chdir("./72") = 0 [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5952] setpgid(0, 0) = 0 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5952] write(3, "1000", 4) = 4 [pid 5952] close(3) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5952] memfd_create("syzkaller", 0) = 3 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5952] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5951] <... write resumed>) = 2097152 [pid 5951] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5951] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5951] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... umount2 resumed>) = 0 [pid 5951] <... ioctl resumed>) = 0 [pid 5951] close(3) = 0 [pid 5951] mkdir("./file0", 0777) = 0 [ 215.691288][ T5951] loop5: detected capacity change from 0 to 4096 [pid 5951] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5952] <... write resumed>) = 2097152 [pid 5064] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./71/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./71") = 0 [pid 5064] mkdir("./72", 0777) = 0 [pid 5952] munmap(0x7fc0314e0000, 2097152 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5952] <... munmap resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5952] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5952] <... openat resumed>) = 4 [pid 5064] close(3 [ 215.774347][ T5951] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5952] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5953 ./strace-static-x86_64: Process 5953 attached [pid 5953] chdir("./72") = 0 [pid 5953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5953] setpgid(0, 0) = 0 [pid 5953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5953] write(3, "1000", 4) = 4 [pid 5953] close(3 [pid 5952] <... ioctl resumed>) = 0 [pid 5953] <... close resumed>) = 0 [pid 5952] close(3 [pid 5953] symlink("/dev/binderfs", "./binderfs" [pid 5952] <... close resumed>) = 0 [pid 5953] <... symlink resumed>) = 0 [pid 5952] mkdir("./file0", 0777 [pid 5953] memfd_create("syzkaller", 0 [pid 5952] <... mkdir resumed>) = 0 [pid 5953] <... memfd_create resumed>) = 3 [pid 5952] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 215.836296][ T5952] loop2: detected capacity change from 0 to 4096 [ 215.842750][ T5951] NILFS (loop5): trying rollback from an earlier position [pid 5953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5951] <... mount resumed>) = 0 [pid 5951] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5951] chdir("./file0") = 0 [pid 5951] ioctl(4, LOOP_CLR_FD) = 0 [ 215.923317][ T5952] NILFS (loop2): invalid segment: Checksum error in segment payload [ 215.933812][ T5951] NILFS (loop5): recovery complete [ 215.952634][ T5954] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 215.958723][ T5952] NILFS (loop2): trying rollback from an earlier position [pid 5951] close(4 [pid 5953] <... write resumed>) = 2097152 [pid 5953] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5951] <... close resumed>) = 0 [pid 5951] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5953] <... openat resumed>) = 4 [pid 5951] <... open resumed>) = 4 [pid 5951] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5951] ftruncate(5, 33587195) = 0 [pid 5953] ioctl(4, LOOP_SET_FD, 3 [ 216.016519][ T5952] NILFS (loop2): recovery complete [pid 5951] sendfile(4, 5, NULL, 281474978811909 [pid 5953] <... ioctl resumed>) = 0 [pid 5952] <... mount resumed>) = 0 [pid 5952] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5953] close(3 [pid 5952] <... openat resumed>) = 3 [pid 5953] <... close resumed>) = 0 [pid 5952] chdir("./file0" [pid 5953] mkdir("./file0", 0777 [pid 5952] <... chdir resumed>) = 0 [pid 5953] <... mkdir resumed>) = 0 [pid 5952] ioctl(4, LOOP_CLR_FD [pid 5953] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5952] <... ioctl resumed>) = 0 [pid 5952] close(4) = 0 [pid 5952] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5952] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5952] ftruncate(5, 33587195) = 0 [ 216.037398][ T5953] loop0: detected capacity change from 0 to 4096 [ 216.052497][ T5955] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 216.117661][ T5953] NILFS (loop0): invalid segment: Checksum error in segment payload [ 216.142143][ T5953] NILFS (loop0): trying rollback from an earlier position [ 216.266017][ T5953] NILFS (loop0): recovery complete [pid 5952] sendfile(4, 5, NULL, 281474978811909 [pid 5945] <... sendfile resumed>) = 1048576 [pid 5945] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5945] exit_group(0) = ? [pid 5945] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5945, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5953] <... mount resumed>) = 0 [pid 5953] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5953] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5953] chdir("./file0" [pid 5068] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5953] <... chdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5953] ioctl(4, LOOP_CLR_FD [pid 5068] fstat(3, [pid 5953] <... ioctl resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5953] close(4 [pid 5068] getdents64(3, [pid 5953] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5953] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./72/binderfs") = 0 [pid 5068] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5953] <... open resumed>) = 4 [pid 5953] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5953] ftruncate(5, 33587195) = 0 [ 216.310239][ T5956] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5953] sendfile(4, 5, NULL, 281474978811909 [pid 5947] <... sendfile resumed>) = 1048576 [pid 5947] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5947] exit_group(0) = ? [pid 5947] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5947, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5946] <... sendfile resumed>) = 1048576 [pid 5067] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5946] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5946] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5946] exit_group(0 [pid 5067] <... openat resumed>) = 3 [pid 5946] <... exit_group resumed>) = ? [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, [pid 5946] +++ exited with 0 +++ [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5946, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5067] lstat("./72/binderfs", [pid 5065] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] unlink("./72/binderfs" [pid 5065] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... unlink resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5067] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./71/binderfs") = 0 [pid 5065] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./72/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./72") = 0 [pid 5068] mkdir("./73", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5957 ./strace-static-x86_64: Process 5957 attached [pid 5957] chdir("./73") = 0 [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5957] setpgid(0, 0) = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5957] write(3, "1000", 4) = 4 [pid 5957] close(3) = 0 [pid 5957] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5957] memfd_create("syzkaller", 0) = 3 [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5957] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] lstat("./71/file0", [pid 5067] close(4) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] rmdir("./72/file0" [pid 5065] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] close(3) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5067] rmdir("./72" [pid 5065] fstat(4, [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] mkdir("./73", 0777 [pid 5065] getdents64(4, [pid 5067] <... mkdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] getdents64(4, [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 5958 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./71/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./71") = 0 [pid 5065] mkdir("./72", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5957] <... write resumed>) = 2097152 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5957] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 5959 [pid 5957] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5959 attached ./strace-static-x86_64: Process 5958 attached ) = 4 [pid 5959] chdir("./72" [pid 5958] chdir("./73" [pid 5957] ioctl(4, LOOP_SET_FD, 3 [pid 5959] <... chdir resumed>) = 0 [pid 5958] <... chdir resumed>) = 0 [pid 5959] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5958] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5959] <... prctl resumed>) = 0 [pid 5958] <... prctl resumed>) = 0 [pid 5959] setpgid(0, 0) = 0 [pid 5959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5959] write(3, "1000", 4 [pid 5958] setpgid(0, 0 [pid 5959] <... write resumed>) = 4 [pid 5958] <... setpgid resumed>) = 0 [pid 5959] close(3 [pid 5958] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5959] <... close resumed>) = 0 [pid 5958] <... openat resumed>) = 3 [pid 5959] symlink("/dev/binderfs", "./binderfs" [pid 5958] write(3, "1000", 4 [pid 5957] <... ioctl resumed>) = 0 [pid 5959] <... symlink resumed>) = 0 [pid 5958] <... write resumed>) = 4 [pid 5957] close(3 [pid 5959] memfd_create("syzkaller", 0 [pid 5958] close(3 [pid 5959] <... memfd_create resumed>) = 3 [pid 5958] <... close resumed>) = 0 [pid 5957] <... close resumed>) = 0 [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5958] symlink("/dev/binderfs", "./binderfs" [pid 5957] mkdir("./file0", 0777 [pid 5959] <... mmap resumed>) = 0x7fc0314e0000 [pid 5958] <... symlink resumed>) = 0 [pid 5957] <... mkdir resumed>) = 0 [pid 5959] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5957] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5958] memfd_create("syzkaller", 0) = 3 [ 216.948280][ T5957] loop4: detected capacity change from 0 to 4096 [pid 5958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5952] <... sendfile resumed>) = 1048576 [pid 5952] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5952] exit_group(0 [pid 5958] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5952] <... exit_group resumed>) = ? [pid 5951] <... sendfile resumed>) = 1048576 [pid 5951] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5952] +++ exited with 0 +++ [pid 5951] <... open resumed>) = -1 EFAULT (Bad address) [pid 5951] exit_group(0) = ? [pid 5951] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5066] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5951, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW [ 217.046842][ T5957] NILFS (loop4): invalid segment: Checksum error in segment payload [ 217.056294][ T5957] NILFS (loop4): trying rollback from an earlier position [pid 5066] getdents64(3, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] fstat(3, [pid 5066] lstat("./72/binderfs", [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5958] <... write resumed>) = 2097152 [pid 5069] getdents64(3, [pid 5066] unlink("./72/binderfs" [pid 5958] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... unlink resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5958] <... munmap resumed>) = 0 [pid 5069] lstat("./73/binderfs", [pid 5958] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 217.097630][ T5957] NILFS (loop4): recovery complete [pid 5959] <... write resumed>) = 2097152 [pid 5958] <... openat resumed>) = 4 [pid 5957] <... mount resumed>) = 0 [pid 5069] unlink("./73/binderfs" [pid 5959] munmap(0x7fc0314e0000, 2097152 [pid 5958] ioctl(4, LOOP_SET_FD, 3 [pid 5957] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... unlink resumed>) = 0 [pid 5959] <... munmap resumed>) = 0 [pid 5957] <... openat resumed>) = 3 [pid 5957] chdir("./file0") = 0 [pid 5957] ioctl(4, LOOP_CLR_FD) = 0 [pid 5957] close(4) = 0 [pid 5957] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5069] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5959] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5958] <... ioctl resumed>) = 0 [pid 5957] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5959] <... openat resumed>) = 4 [pid 5957] <... open resumed>) = 5 [pid 5958] close(3 [pid 5959] ioctl(4, LOOP_SET_FD, 3 [pid 5958] <... close resumed>) = 0 [pid 5957] ftruncate(5, 33587195) = 0 [ 217.125430][ T5960] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 217.139627][ T5958] loop3: detected capacity change from 0 to 4096 [pid 5957] sendfile(4, 5, NULL, 281474978811909 [pid 5959] <... ioctl resumed>) = 0 [pid 5958] mkdir("./file0", 0777) = 0 [pid 5958] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5959] close(3) = 0 [pid 5959] mkdir("./file0", 0777) = 0 [ 217.176143][ T5959] loop1: detected capacity change from 0 to 4096 [ 217.238949][ T5958] NILFS (loop3): invalid segment: Checksum error in segment payload [ 217.267995][ T5959] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5959] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 217.286613][ T5958] NILFS (loop3): trying rollback from an earlier position [ 217.307219][ T5959] NILFS (loop1): trying rollback from an earlier position [pid 5066] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, [pid 5069] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(4, [pid 5069] lstat("./73/file0", [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 5069] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] close(4 [pid 5069] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5066] rmdir("./72/file0" [pid 5069] fstat(4, [pid 5066] <... rmdir resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, [pid 5069] getdents64(4, [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] close(3 [pid 5069] getdents64(4, [pid 5066] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [ 217.380409][ T5958] NILFS (loop3): recovery complete [pid 5066] rmdir("./72" [pid 5958] <... mount resumed>) = 0 [pid 5069] close(4 [pid 5066] <... rmdir resumed>) = 0 [pid 5958] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... close resumed>) = 0 [pid 5066] mkdir("./73", 0777 [pid 5958] <... openat resumed>) = 3 [pid 5069] rmdir("./73/file0" [pid 5066] <... mkdir resumed>) = 0 [pid 5958] chdir("./file0" [pid 5069] <... rmdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5958] <... chdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5066] <... openat resumed>) = 3 [pid 5958] ioctl(4, LOOP_CLR_FD [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5958] <... ioctl resumed>) = 0 [pid 5069] close(3 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5958] close(4 [pid 5069] <... close resumed>) = 0 [pid 5066] close(3 [pid 5958] <... close resumed>) = 0 [pid 5069] rmdir("./73" [pid 5066] <... close resumed>) = 0 [pid 5958] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5958] <... open resumed>) = 4 [pid 5069] mkdir("./74", 0777 [pid 5958] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... mkdir resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5963 [pid 5958] <... open resumed>) = 5 [pid 5953] <... sendfile resumed>) = 1048576 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5958] ftruncate(5, 33587195 [pid 5953] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... openat resumed>) = 3 [ 217.420748][ T5959] NILFS (loop1): recovery complete [ 217.428598][ T5961] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds ./strace-static-x86_64: Process 5963 attached [pid 5959] <... mount resumed>) = 0 [pid 5958] <... ftruncate resumed>) = 0 [pid 5953] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5959] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5959] <... openat resumed>) = 3 [pid 5958] sendfile(4, 5, NULL, 281474978811909 [pid 5953] exit_group(0 [pid 5069] close(3 [pid 5959] chdir("./file0" [pid 5069] <... close resumed>) = 0 [pid 5959] <... chdir resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5959] ioctl(4, LOOP_CLR_FD [pid 5953] <... exit_group resumed>) = ? [pid 5959] <... ioctl resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5964 [pid 5959] close(4 [pid 5953] +++ exited with 0 +++ [pid 5959] <... close resumed>) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5953, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5963] chdir("./73" [pid 5959] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5964 attached [pid 5963] <... chdir resumed>) = 0 [pid 5959] <... open resumed>) = 4 [pid 5064] <... restart_syscall resumed>) = 0 [pid 5964] chdir("./74" [pid 5963] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5959] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5964] <... chdir resumed>) = 0 [pid 5963] <... prctl resumed>) = 0 [pid 5959] <... open resumed>) = 5 [pid 5964] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5963] setpgid(0, 0 [pid 5959] ftruncate(5, 33587195 [pid 5064] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5964] <... prctl resumed>) = 0 [pid 5963] <... setpgid resumed>) = 0 [pid 5959] <... ftruncate resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5964] setpgid(0, 0 [pid 5963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5959] sendfile(4, 5, NULL, 281474978811909 [pid 5064] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5964] <... setpgid resumed>) = 0 [pid 5963] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 5964] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5963] write(3, "1000", 4 [pid 5064] fstat(3, [pid 5964] <... openat resumed>) = 3 [pid 5963] <... write resumed>) = 4 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 217.468051][ T5962] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5964] write(3, "1000", 4 [pid 5963] close(3 [pid 5064] getdents64(3, [pid 5964] <... write resumed>) = 4 [pid 5963] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5964] close(3 [pid 5963] symlink("/dev/binderfs", "./binderfs" [pid 5064] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5964] <... close resumed>) = 0 [pid 5963] <... symlink resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5964] symlink("/dev/binderfs", "./binderfs" [pid 5963] memfd_create("syzkaller", 0 [pid 5064] lstat("./72/binderfs", [pid 5964] <... symlink resumed>) = 0 [pid 5963] <... memfd_create resumed>) = 3 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5964] memfd_create("syzkaller", 0 [pid 5963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] unlink("./72/binderfs" [pid 5964] <... memfd_create resumed>) = 3 [pid 5963] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] <... unlink resumed>) = 0 [pid 5964] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5964] <... mmap resumed>) = 0x7fc0314e0000 [pid 5964] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5963] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5964] <... write resumed>) = 2097152 [pid 5964] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5964] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5964] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... umount2 resumed>) = 0 [pid 5963] <... write resumed>) = 2097152 [pid 5963] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5963] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5964] <... ioctl resumed>) = 0 [pid 5963] <... openat resumed>) = 4 [pid 5964] close(3 [pid 5963] ioctl(4, LOOP_SET_FD, 3 [pid 5964] <... close resumed>) = 0 [pid 5964] mkdir("./file0", 0777) = 0 [ 217.723174][ T5964] loop5: detected capacity change from 0 to 4096 [pid 5963] <... ioctl resumed>) = 0 [pid 5964] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5963] close(3 [pid 5064] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5963] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5963] mkdir("./file0", 0777 [pid 5064] lstat("./72/file0", [pid 5963] <... mkdir resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5963] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [ 217.778226][ T5963] loop2: detected capacity change from 0 to 4096 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./72/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./72") = 0 [pid 5064] mkdir("./73", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5965 ./strace-static-x86_64: Process 5965 attached [pid 5965] chdir("./73") = 0 [pid 5965] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5965] setpgid(0, 0) = 0 [ 217.836065][ T5963] NILFS (loop2): invalid segment: Checksum error in segment payload [ 217.839951][ T5964] NILFS (loop5): invalid segment: Checksum error in segment payload [ 217.845780][ T5963] NILFS (loop2): trying rollback from an earlier position [pid 5965] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5965] write(3, "1000", 4) = 4 [pid 5965] close(3) = 0 [pid 5965] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5965] memfd_create("syzkaller", 0) = 3 [pid 5965] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 217.920129][ T5964] NILFS (loop5): trying rollback from an earlier position [ 217.936745][ T5963] NILFS (loop2): recovery complete [pid 5963] <... mount resumed>) = 0 [pid 5963] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5963] chdir("./file0") = 0 [pid 5963] ioctl(4, LOOP_CLR_FD) = 0 [pid 5963] close(4) = 0 [pid 5963] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5965] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5963] <... open resumed>) = 4 [ 217.963452][ T5966] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5963] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5963] ftruncate(5, 33587195) = 0 [ 218.031173][ T5964] NILFS (loop5): recovery complete [pid 5963] sendfile(4, 5, NULL, 281474978811909 [pid 5964] <... mount resumed>) = 0 [pid 5964] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5964] chdir("./file0") = 0 [pid 5964] ioctl(4, LOOP_CLR_FD) = 0 [pid 5964] close(4) = 0 [pid 5964] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5964] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5964] ftruncate(5, 33587195) = 0 [ 218.072846][ T5967] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5964] sendfile(4, 5, NULL, 281474978811909 [pid 5965] <... write resumed>) = 2097152 [pid 5965] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5965] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5965] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5965] close(3) = 0 [pid 5965] mkdir("./file0", 0777) = 0 [pid 5957] <... sendfile resumed>) = 1048576 [pid 5965] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5957] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5957] exit_group(0) = ? [pid 5957] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5068] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./73/binderfs") = 0 [ 218.184638][ T5965] loop0: detected capacity change from 0 to 4096 [ 218.264980][ T5965] NILFS (loop0): invalid segment: Checksum error in segment payload [ 218.275077][ T5965] NILFS (loop0): trying rollback from an earlier position [pid 5068] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5068] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./73/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./73" [pid 5965] <... mount resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5965] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 218.356621][ T5965] NILFS (loop0): recovery complete [pid 5068] mkdir("./74", 0777 [pid 5965] chdir("./file0") = 0 [pid 5965] ioctl(4, LOOP_CLR_FD) = 0 [pid 5965] close(4) = 0 [pid 5965] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5068] <... mkdir resumed>) = 0 [pid 5965] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5965] ftruncate(5, 33587195) = 0 [pid 5068] <... openat resumed>) = 3 [ 218.396960][ T5968] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5965] sendfile(4, 5, NULL, 281474978811909 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5969 ./strace-static-x86_64: Process 5969 attached [pid 5969] chdir("./74") = 0 [pid 5969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5969] setpgid(0, 0) = 0 [pid 5969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5969] write(3, "1000", 4) = 4 [pid 5969] close(3) = 0 [pid 5969] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5969] memfd_create("syzkaller", 0) = 3 [pid 5969] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5969] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5959] <... sendfile resumed>) = 1048576 [pid 5958] <... sendfile resumed>) = 1048576 [pid 5959] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5959] exit_group(0) = ? [pid 5958] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5959] +++ exited with 0 +++ [pid 5958] <... open resumed>) = -1 EFAULT (Bad address) [pid 5969] <... write resumed>) = 2097152 [pid 5958] exit_group(0) = ? [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5959, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5958] +++ exited with 0 +++ [pid 5065] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5958, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./73/binderfs") = 0 [pid 5067] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, [pid 5969] munmap(0x7fc0314e0000, 2097152 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5969] <... munmap resumed>) = 0 [pid 5065] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5969] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./72/binderfs", [pid 5969] <... openat resumed>) = 4 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5969] ioctl(4, LOOP_SET_FD, 3 [pid 5065] unlink("./72/binderfs" [pid 5969] <... ioctl resumed>) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 5065] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5969] close(3) = 0 [pid 5969] mkdir("./file0", 0777) = 0 [pid 5969] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [ 218.726138][ T5969] loop4: detected capacity change from 0 to 4096 [pid 5067] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./73/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./73") = 0 [ 218.781514][ T5969] NILFS (loop4): invalid segment: Checksum error in segment payload [ 218.815972][ T5969] NILFS (loop4): trying rollback from an earlier position [pid 5067] mkdir("./74", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [ 218.849174][ T5969] NILFS (loop4): recovery complete [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5971 [pid 5969] <... mount resumed>) = 0 [pid 5969] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 5971 attached [pid 5969] chdir("./file0" [pid 5065] <... umount2 resumed>) = 0 [pid 5971] chdir("./74" [pid 5969] <... chdir resumed>) = 0 [pid 5065] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5971] <... chdir resumed>) = 0 [pid 5969] ioctl(4, LOOP_CLR_FD [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5971] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5969] <... ioctl resumed>) = 0 [pid 5065] lstat("./72/file0", [pid 5971] <... prctl resumed>) = 0 [pid 5969] close(4 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5971] setpgid(0, 0 [pid 5969] <... close resumed>) = 0 [pid 5065] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5971] <... setpgid resumed>) = 0 [ 218.886048][ T5970] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5969] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5971] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... openat resumed>) = 4 [pid 5971] <... openat resumed>) = 3 [pid 5969] <... open resumed>) = 4 [pid 5065] fstat(4, [pid 5969] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5971] write(3, "1000", 4 [pid 5969] <... open resumed>) = 5 [pid 5969] ftruncate(5, 33587195 [pid 5065] getdents64(4, [pid 5971] <... write resumed>) = 4 [pid 5971] close(3 [pid 5969] <... ftruncate resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5969] sendfile(4, 5, NULL, 281474978811909 [pid 5971] <... close resumed>) = 0 [pid 5065] getdents64(4, [pid 5971] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5971] <... symlink resumed>) = 0 [pid 5065] close(4 [pid 5971] memfd_create("syzkaller", 0 [pid 5065] <... close resumed>) = 0 [pid 5971] <... memfd_create resumed>) = 3 [pid 5065] rmdir("./72/file0") = 0 [pid 5971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] getdents64(3, [pid 5971] <... mmap resumed>) = 0x7fc0314e0000 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./72") = 0 [pid 5065] mkdir("./73", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5971] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5972 [pid 5971] <... write resumed>) = 2097152 [pid 5971] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5971] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5972 attached [pid 5972] chdir("./73" [pid 5971] <... openat resumed>) = 4 [pid 5972] <... chdir resumed>) = 0 [pid 5972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5972] setpgid(0, 0) = 0 [pid 5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5971] ioctl(4, LOOP_SET_FD, 3 [pid 5972] write(3, "1000", 4) = 4 [pid 5971] <... ioctl resumed>) = 0 [pid 5972] close(3) = 0 [pid 5972] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5971] close(3 [pid 5972] memfd_create("syzkaller", 0 [pid 5971] <... close resumed>) = 0 [pid 5972] <... memfd_create resumed>) = 3 [pid 5972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5971] mkdir("./file0", 0777 [pid 5972] <... mmap resumed>) = 0x7fc0314e0000 [pid 5971] <... mkdir resumed>) = 0 [ 219.098815][ T5971] loop3: detected capacity change from 0 to 4096 [pid 5971] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 219.164149][ T5971] NILFS (loop3): invalid segment: Checksum error in segment payload [ 219.194365][ T5971] NILFS (loop3): trying rollback from an earlier position [pid 5972] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5963] <... sendfile resumed>) = 1048576 [pid 5963] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5963] exit_group(0) = ? [pid 5963] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5963, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5066] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 219.251102][ T5971] NILFS (loop3): recovery complete [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5972] <... write resumed>) = 2097152 [pid 5972] munmap(0x7fc0314e0000, 2097152 [pid 5066] unlink("./73/binderfs" [pid 5972] <... munmap resumed>) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5972] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5972] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5971] <... mount resumed>) = 0 [pid 5066] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5971] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5972] close(3) = 0 [pid 5972] mkdir("./file0", 0777 [pid 5971] <... openat resumed>) = 3 [pid 5971] chdir("./file0") = 0 [pid 5971] ioctl(4, LOOP_CLR_FD) = 0 [pid 5964] <... sendfile resumed>) = 1048576 [pid 5964] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5964] exit_group(0 [pid 5971] close(4 [pid 5964] <... exit_group resumed>) = ? [pid 5971] <... close resumed>) = 0 [pid 5964] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5964, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5069] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, [pid 5971] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./74/binderfs" [pid 5971] <... open resumed>) = 4 [pid 5069] <... unlink resumed>) = 0 [pid 5069] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5971] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5972] <... mkdir resumed>) = 0 [pid 5971] <... open resumed>) = 5 [ 219.314102][ T5973] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 219.328580][ T5972] loop1: detected capacity change from 0 to 4096 [pid 5972] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5971] ftruncate(5, 33587195) = 0 [ 219.392973][ T5972] NILFS (loop1): invalid segment: Checksum error in segment payload [ 219.437082][ T5972] NILFS (loop1): trying rollback from an earlier position [pid 5971] sendfile(4, 5, NULL, 281474978811909 [pid 5965] <... sendfile resumed>) = 1048576 [pid 5965] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5965] exit_group(0) = ? [pid 5965] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5965, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5064] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] <... umount2 resumed>) = 0 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] getdents64(3, [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] getdents64(4, [pid 5064] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./73/file0") = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./73/binderfs", [pid 5066] getdents64(3, [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5064] unlink("./73/binderfs" [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./73") = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5064] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] mkdir("./74", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 219.552669][ T5972] NILFS (loop1): recovery complete [pid 5066] close(3 [pid 5972] <... mount resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5972] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5972] <... openat resumed>) = 3 [pid 5972] chdir("./file0") = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5975 [pid 5972] ioctl(4, LOOP_CLR_FD) = 0 [pid 5972] close(4) = 0 [pid 5972] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5972] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5972] ftruncate(5, 33587195) = 0 [pid 5972] sendfile(4, 5, NULL, 281474978811909./strace-static-x86_64: Process 5975 attached [pid 5069] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] chdir("./74") = 0 [pid 5975] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5975] setpgid(0, 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5975] <... setpgid resumed>) = 0 [pid 5975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] lstat("./74/file0", [pid 5975] <... openat resumed>) = 3 [pid 5975] write(3, "1000", 4 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5975] <... write resumed>) = 4 [pid 5069] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] close(3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5975] <... close resumed>) = 0 [pid 5975] symlink("/dev/binderfs", "./binderfs" [pid 5069] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5975] <... symlink resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5975] memfd_create("syzkaller", 0) = 3 [pid 5975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] fstat(4, [pid 5975] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 219.613123][ T5974] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./74/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./74") = 0 [pid 5069] mkdir("./75", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5975] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5976 ./strace-static-x86_64: Process 5976 attached [pid 5976] chdir("./75" [pid 5064] <... umount2 resumed>) = 0 [pid 5976] <... chdir resumed>) = 0 [pid 5976] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5976] setpgid(0, 0) = 0 [pid 5976] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5976] write(3, "1000", 4) = 4 [pid 5976] close(3) = 0 [pid 5976] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5976] memfd_create("syzkaller", 0) = 3 [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5064] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./73/file0", [pid 5975] <... write resumed>) = 2097152 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5975] munmap(0x7fc0314e0000, 2097152 [pid 5064] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, [pid 5975] <... munmap resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, [pid 5975] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5975] <... openat resumed>) = 4 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5975] ioctl(4, LOOP_SET_FD, 3 [pid 5064] close(4) = 0 [pid 5064] rmdir("./73/file0") = 0 [pid 5064] getdents64(3, [pid 5976] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./73") = 0 [pid 5064] mkdir("./74", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5975] <... ioctl resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5975] close(3) = 0 [pid 5064] close(3 [pid 5975] mkdir("./file0", 0777 [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5977 [pid 5975] <... mkdir resumed>) = 0 [pid 5976] <... write resumed>) = 2097152 [ 219.874996][ T5975] loop2: detected capacity change from 0 to 4096 [pid 5975] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 5977 attached [pid 5976] munmap(0x7fc0314e0000, 2097152 [pid 5977] chdir("./74" [pid 5976] <... munmap resumed>) = 0 [pid 5977] <... chdir resumed>) = 0 [pid 5976] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5977] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5976] <... openat resumed>) = 4 [pid 5977] <... prctl resumed>) = 0 [pid 5976] ioctl(4, LOOP_SET_FD, 3 [pid 5977] setpgid(0, 0) = 0 [pid 5977] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5977] write(3, "1000", 4) = 4 [pid 5977] close(3) = 0 [pid 5977] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5977] memfd_create("syzkaller", 0) = 3 [pid 5977] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5969] <... sendfile resumed>) = 1048576 [pid 5976] <... ioctl resumed>) = 0 [pid 5969] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5976] close(3 [pid 5969] <... open resumed>) = -1 EFAULT (Bad address) [pid 5976] <... close resumed>) = 0 [pid 5969] exit_group(0 [pid 5976] mkdir("./file0", 0777 [pid 5969] <... exit_group resumed>) = ? [pid 5976] <... mkdir resumed>) = 0 [pid 5969] +++ exited with 0 +++ [pid 5976] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5969, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5068] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 219.952054][ T5975] NILFS (loop2): invalid segment: Checksum error in segment payload [ 219.959310][ T5976] loop5: detected capacity change from 0 to 4096 [ 219.986529][ T5975] NILFS (loop2): trying rollback from an earlier position [pid 5977] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5975] <... mount resumed>) = 0 [pid 5068] fstat(3, [pid 5975] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5975] <... openat resumed>) = 3 [pid 5068] getdents64(3, [pid 5975] chdir("./file0" [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5975] <... chdir resumed>) = 0 [pid 5068] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] ioctl(4, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5975] <... ioctl resumed>) = 0 [pid 5068] lstat("./74/binderfs", [pid 5975] close(4 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5975] <... close resumed>) = 0 [pid 5068] unlink("./74/binderfs" [pid 5975] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... unlink resumed>) = 0 [pid 5975] <... open resumed>) = 4 [pid 5068] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5975] ftruncate(5, 33587195) = 0 [ 220.029345][ T5975] NILFS (loop2): recovery complete [ 220.042283][ T5978] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5975] sendfile(4, 5, NULL, 281474978811909 [pid 5977] <... write resumed>) = 2097152 [pid 5977] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5977] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5977] ioctl(4, LOOP_SET_FD, 3 [pid 5976] <... mount resumed>) = 0 [pid 5977] <... ioctl resumed>) = 0 [pid 5976] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 220.117846][ T5976] NILFS (loop5): invalid segment: Checksum error in segment payload [ 220.134198][ T5976] NILFS (loop5): trying rollback from an earlier position [ 220.150039][ T5976] NILFS (loop5): recovery complete [pid 5976] chdir("./file0") = 0 [pid 5976] ioctl(4, LOOP_CLR_FD) = 0 [pid 5977] close(3 [pid 5976] close(4 [pid 5977] <... close resumed>) = 0 [pid 5976] <... close resumed>) = 0 [pid 5977] mkdir("./file0", 0777 [pid 5976] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5977] <... mkdir resumed>) = 0 [pid 5976] <... open resumed>) = 4 [pid 5977] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5976] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5068] <... umount2 resumed>) = 0 [ 220.186127][ T5977] loop0: detected capacity change from 0 to 4096 [ 220.195036][ T5979] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5976] ftruncate(5, 33587195) = 0 [pid 5976] sendfile(4, 5, NULL, 281474978811909 [pid 5068] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 220.255781][ T5977] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [ 220.325984][ T5977] NILFS (loop0): trying rollback from an earlier position [pid 5068] rmdir("./74/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./74") = 0 [pid 5068] mkdir("./75", 0777) = 0 [ 220.369328][ T5977] NILFS (loop0): recovery complete [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5977] <... mount resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5977] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] close(3 [pid 5977] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5977] chdir("./file0" [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5977] <... chdir resumed>) = 0 [pid 5971] <... sendfile resumed>) = 1048576 [pid 5977] ioctl(4, LOOP_CLR_FD [pid 5971] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5977] <... ioctl resumed>) = 0 [pid 5971] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 5981 ./strace-static-x86_64: Process 5981 attached [pid 5977] close(4 [pid 5971] exit_group(0 [pid 5981] chdir("./75" [pid 5977] <... close resumed>) = 0 [pid 5971] <... exit_group resumed>) = ? [pid 5981] <... chdir resumed>) = 0 [ 220.407275][ T5980] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5977] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5971] +++ exited with 0 +++ [pid 5981] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5971, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5981] <... prctl resumed>) = 0 [pid 5977] <... open resumed>) = 4 [pid 5981] setpgid(0, 0 [pid 5977] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5981] <... setpgid resumed>) = 0 [pid 5977] <... open resumed>) = 5 [pid 5981] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5977] ftruncate(5, 33587195 [pid 5981] <... openat resumed>) = 3 [pid 5977] <... ftruncate resumed>) = 0 [pid 5981] write(3, "1000", 4 [pid 5977] sendfile(4, 5, NULL, 281474978811909 [pid 5067] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] <... write resumed>) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5981] close(3 [pid 5067] <... openat resumed>) = 3 [pid 5981] <... close resumed>) = 0 [pid 5067] fstat(3, [pid 5981] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5981] <... symlink resumed>) = 0 [pid 5067] getdents64(3, [pid 5981] memfd_create("syzkaller", 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5981] <... memfd_create resumed>) = 3 [pid 5067] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5981] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./74/binderfs") = 0 [pid 5067] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 5981] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5981] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5981] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5981] close(3 [pid 5067] <... umount2 resumed>) = 0 [pid 5981] <... close resumed>) = 0 [pid 5981] mkdir("./file0", 0777) = 0 [pid 5981] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5972] <... sendfile resumed>) = 1048576 [pid 5067] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5972] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5972] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./74/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./74") = 0 [pid 5067] mkdir("./75", 0777) = 0 [pid 5972] exit_group(0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 220.735912][ T5981] loop4: detected capacity change from 0 to 4096 [pid 5067] close(3 [pid 5972] <... exit_group resumed>) = ? [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5982 [pid 5972] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5972, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5982 attached [pid 5982] chdir("./75" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5982] <... chdir resumed>) = 0 [pid 5982] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5982] <... prctl resumed>) = 0 [pid 5982] setpgid(0, 0) = 0 [pid 5982] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5982] write(3, "1000", 4) = 4 [pid 5982] close(3) = 0 [pid 5982] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5982] memfd_create("syzkaller", 0) = 3 [pid 5982] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... openat resumed>) = 3 [pid 5982] <... mmap resumed>) = 0x7fc0314e0000 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./73/binderfs") = 0 [pid 5982] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 220.805661][ T5981] NILFS (loop4): invalid segment: Checksum error in segment payload [ 220.825654][ T5981] NILFS (loop4): trying rollback from an earlier position [pid 5065] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] <... mount resumed>) = 0 [pid 5982] <... write resumed>) = 2097152 [pid 5981] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5982] munmap(0x7fc0314e0000, 2097152 [pid 5981] <... openat resumed>) = 3 [pid 5981] chdir("./file0") = 0 [pid 5981] ioctl(4, LOOP_CLR_FD [pid 5982] <... munmap resumed>) = 0 [pid 5981] <... ioctl resumed>) = 0 [pid 5982] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 220.910146][ T5981] NILFS (loop4): recovery complete [ 220.917744][ T5983] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5981] close(4 [pid 5982] <... openat resumed>) = 4 [pid 5981] <... close resumed>) = 0 [pid 5982] ioctl(4, LOOP_SET_FD, 3 [pid 5981] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5982] <... ioctl resumed>) = 0 [pid 5981] <... open resumed>) = 4 [pid 5981] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5981] ftruncate(5, 33587195) = 0 [pid 5981] sendfile(4, 5, NULL, 281474978811909 [pid 5982] close(3) = 0 [pid 5982] mkdir("./file0", 0777) = 0 [ 220.986470][ T5982] loop3: detected capacity change from 0 to 4096 [pid 5982] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./73/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./73") = 0 [ 221.073276][ T5982] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5065] mkdir("./74", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5984 ./strace-static-x86_64: Process 5984 attached [pid 5984] chdir("./74") = 0 [pid 5984] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5984] setpgid(0, 0) = 0 [pid 5984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5984] write(3, "1000", 4) = 4 [pid 5984] close(3) = 0 [pid 5984] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5984] memfd_create("syzkaller", 0) = 3 [pid 5984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 221.129850][ T5982] NILFS (loop3): trying rollback from an earlier position [ 221.203208][ T5982] NILFS (loop3): recovery complete [pid 5984] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5982] <... mount resumed>) = 0 [pid 5982] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5982] chdir("./file0") = 0 [pid 5982] ioctl(4, LOOP_CLR_FD) = 0 [pid 5982] close(4) = 0 [ 221.223496][ T5985] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5982] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5984] <... write resumed>) = 2097152 [pid 5984] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5984] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5984] ioctl(4, LOOP_SET_FD, 3 [pid 5982] <... open resumed>) = 4 [pid 5982] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5982] ftruncate(5, 33587195) = 0 [pid 5982] sendfile(4, 5, NULL, 281474978811909 [pid 5984] <... ioctl resumed>) = 0 [pid 5984] close(3) = 0 [pid 5984] mkdir("./file0", 0777) = 0 [ 221.299821][ T5984] loop1: detected capacity change from 0 to 4096 [pid 5984] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5976] <... sendfile resumed>) = 1048576 [pid 5976] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5975] <... sendfile resumed>) = 1048576 [pid 5976] exit_group(0 [pid 5975] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5976] <... exit_group resumed>) = ? [pid 5975] <... open resumed>) = -1 EFAULT (Bad address) [pid 5976] +++ exited with 0 +++ [pid 5975] exit_group(0) = ? [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5976, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5975] +++ exited with 0 +++ [pid 5069] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5975, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5069] <... openat resumed>) = 3 [pid 5066] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, [pid 5066] <... openat resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] fstat(3, [pid 5069] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(3, [pid 5069] lstat("./75/binderfs", [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] unlink("./75/binderfs" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... unlink resumed>) = 0 [pid 5066] lstat("./74/binderfs", [pid 5069] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./74/binderfs") = 0 [ 221.433843][ T5984] NILFS (loop1): invalid segment: Checksum error in segment payload [ 221.467775][ T5984] NILFS (loop1): trying rollback from an earlier position [ 221.554401][ T5984] NILFS (loop1): recovery complete [pid 5066] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5977] <... sendfile resumed>) = 1048576 [pid 5977] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5977] exit_group(0) = ? [pid 5977] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5977, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5064] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./74/binderfs") = 0 [pid 5064] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 5984] <... mount resumed>) = 0 [pid 5984] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5984] chdir("./file0" [pid 5069] <... umount2 resumed>) = 0 [pid 5066] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5984] <... chdir resumed>) = 0 [pid 5069] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5984] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./74/file0", [pid 5984] close(4 [ 221.628050][ T5986] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5069] lstat("./75/file0", [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5984] <... close resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5984] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5984] <... open resumed>) = 4 [pid 5069] <... openat resumed>) = 4 [pid 5066] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5984] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] fstat(4, [pid 5066] <... openat resumed>) = 4 [pid 5984] <... open resumed>) = 5 [pid 5984] ftruncate(5, 33587195 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5984] <... ftruncate resumed>) = 0 [pid 5066] fstat(4, [pid 5984] sendfile(4, 5, NULL, 281474978811909 [pid 5069] getdents64(4, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, [pid 5064] <... umount2 resumed>) = 0 [pid 5069] getdents64(4, [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] getdents64(4, [pid 5064] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(4) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] rmdir("./75/file0" [pid 5066] close(4 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./74/file0" [pid 5069] getdents64(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] lstat("./74/file0", [pid 5069] close(3 [pid 5066] getdents64(3, [pid 5069] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] rmdir("./75" [pid 5066] close(3 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] mkdir("./76", 0777 [pid 5066] rmdir("./74" [pid 5069] <... mkdir resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] mkdir("./75", 0777 [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] <... mkdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] close(3 [pid 5066] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 4 [pid 5069] <... close resumed>) = 0 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] fstat(4, [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] close(3 [pid 5064] getdents64(4, [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 5987 [pid 5066] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 5988 [pid 5064] close(4) = 0 [pid 5064] rmdir("./74/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3./strace-static-x86_64: Process 5987 attached ) = 0 [pid 5987] chdir("./76" [pid 5064] rmdir("./74" [pid 5987] <... chdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5988 attached [pid 5987] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] mkdir("./75", 0777 [pid 5988] chdir("./75" [pid 5987] <... prctl resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5988] <... chdir resumed>) = 0 [pid 5987] setpgid(0, 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5988] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5987] <... setpgid resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5988] <... prctl resumed>) = 0 [pid 5987] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5988] setpgid(0, 0 [pid 5987] <... openat resumed>) = 3 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5988] <... setpgid resumed>) = 0 [pid 5987] write(3, "1000", 4 [pid 5064] close(3 [pid 5988] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5987] <... write resumed>) = 4 [pid 5064] <... close resumed>) = 0 [pid 5987] close(3 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5987] <... close resumed>) = 0 [pid 5988] <... openat resumed>) = 3 [pid 5987] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 5989 [pid 5988] write(3, "1000", 4 [pid 5987] <... symlink resumed>) = 0 [pid 5988] <... write resumed>) = 4 [pid 5987] memfd_create("syzkaller", 0 [pid 5988] close(3 [pid 5987] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5989 attached [pid 5988] <... close resumed>) = 0 [pid 5987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5989] chdir("./75" [pid 5988] symlink("/dev/binderfs", "./binderfs" [pid 5987] <... mmap resumed>) = 0x7fc0314e0000 [pid 5989] <... chdir resumed>) = 0 [pid 5988] <... symlink resumed>) = 0 [pid 5989] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5988] memfd_create("syzkaller", 0 [pid 5989] <... prctl resumed>) = 0 [pid 5988] <... memfd_create resumed>) = 3 [pid 5989] setpgid(0, 0 [pid 5988] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5987] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5989] <... setpgid resumed>) = 0 [pid 5988] <... mmap resumed>) = 0x7fc0314e0000 [pid 5989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5989] write(3, "1000", 4) = 4 [pid 5989] close(3) = 0 [pid 5989] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5989] memfd_create("syzkaller", 0) = 3 [pid 5989] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5989] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5988] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5981] <... sendfile resumed>) = 1048576 [pid 5981] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5981] exit_group(0) = ? [pid 5987] <... write resumed>) = 2097152 [pid 5981] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5981, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5987] munmap(0x7fc0314e0000, 2097152 [pid 5068] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5987] <... munmap resumed>) = 0 [pid 5988] <... write resumed>) = 2097152 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5987] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] getdents64(3, [pid 5988] munmap(0x7fc0314e0000, 2097152 [pid 5987] <... openat resumed>) = 4 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5988] <... munmap resumed>) = 0 [pid 5987] ioctl(4, LOOP_SET_FD, 3 [pid 5068] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5988] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5988] <... openat resumed>) = 4 [pid 5068] lstat("./75/binderfs", [pid 5988] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./75/binderfs") = 0 [pid 5068] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5989] <... write resumed>) = 2097152 [pid 5989] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5989] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5989] ioctl(4, LOOP_SET_FD, 3 [pid 5988] <... ioctl resumed>) = 0 [pid 5988] close(3) = 0 [pid 5988] mkdir("./file0", 0777) = 0 [pid 5988] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5987] <... ioctl resumed>) = 0 [pid 5987] close(3) = 0 [pid 5987] mkdir("./file0", 0777) = 0 [pid 5987] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5989] <... ioctl resumed>) = 0 [pid 5989] close(3) = 0 [pid 5989] mkdir("./file0", 0777) = 0 [ 222.057941][ T5987] loop5: detected capacity change from 0 to 4096 [ 222.064462][ T5988] loop2: detected capacity change from 0 to 4096 [ 222.079569][ T5989] loop0: detected capacity change from 0 to 4096 [ 222.124725][ T5988] NILFS (loop2): invalid segment: Checksum error in segment payload [ 222.150686][ T5989] NILFS (loop0): invalid segment: Checksum error in segment payload [ 222.160169][ T5988] NILFS (loop2): trying rollback from an earlier position [ 222.163546][ T5987] NILFS (loop5): invalid segment: Checksum error in segment payload [ 222.168748][ T5989] NILFS (loop0): trying rollback from an earlier position [ 222.182568][ T5987] NILFS (loop5): trying rollback from an earlier position [ 222.207189][ T5987] NILFS (loop5): recovery complete [pid 5989] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5987] <... mount resumed>) = 0 [pid 5987] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5987] chdir("./file0") = 0 [pid 5987] ioctl(4, LOOP_CLR_FD) = 0 [pid 5987] close(4) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5987] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [ 222.219426][ T5990] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5987] <... open resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5987] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5987] <... open resumed>) = 5 [pid 5068] <... openat resumed>) = 4 [pid 5987] ftruncate(5, 33587195 [pid 5068] fstat(4, [pid 5987] <... ftruncate resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5987] sendfile(4, 5, NULL, 281474978811909 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [ 222.270738][ T5989] NILFS (loop0): recovery complete [pid 5068] close(4) = 0 [pid 5068] rmdir("./75/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./75") = 0 [pid 5068] mkdir("./76", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 222.309098][ T5988] NILFS (loop2): recovery complete [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5992 ./strace-static-x86_64: Process 5992 attached [pid 5989] <... mount resumed>) = 0 [pid 5989] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5989] chdir("./file0") = 0 [pid 5989] ioctl(4, LOOP_CLR_FD) = 0 [pid 5989] close(4) = 0 [pid 5989] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5992] chdir("./76" [pid 5988] <... mount resumed>) = 0 [pid 5989] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5992] <... chdir resumed>) = 0 [pid 5989] <... open resumed>) = 5 [pid 5988] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5992] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5988] <... openat resumed>) = 3 [pid 5989] ftruncate(5, 33587195 [pid 5992] <... prctl resumed>) = 0 [pid 5989] <... ftruncate resumed>) = 0 [pid 5988] chdir("./file0" [pid 5982] <... sendfile resumed>) = 1048576 [pid 5992] setpgid(0, 0 [pid 5989] sendfile(4, 5, NULL, 281474978811909 [pid 5988] <... chdir resumed>) = 0 [pid 5982] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5992] <... setpgid resumed>) = 0 [pid 5988] ioctl(4, LOOP_CLR_FD [pid 5982] <... open resumed>) = -1 EFAULT (Bad address) [pid 5992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5988] <... ioctl resumed>) = 0 [pid 5982] exit_group(0 [pid 5992] <... openat resumed>) = 3 [pid 5988] close(4 [pid 5982] <... exit_group resumed>) = ? [pid 5992] write(3, "1000", 4 [pid 5988] <... close resumed>) = 0 [pid 5982] +++ exited with 0 +++ [pid 5992] <... write resumed>) = 4 [pid 5988] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5982, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5992] close(3 [pid 5988] <... open resumed>) = 4 [pid 5992] <... close resumed>) = 0 [ 222.339814][ T5991] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 222.357373][ T5993] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5988] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5992] symlink("/dev/binderfs", "./binderfs" [pid 5988] <... open resumed>) = 5 [pid 5067] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5992] <... symlink resumed>) = 0 [pid 5988] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5992] memfd_create("syzkaller", 0 [pid 5988] <... ftruncate resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5992] <... memfd_create resumed>) = 3 [pid 5988] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... openat resumed>) = 3 [pid 5992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] fstat(3, [pid 5992] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./75/binderfs") = 0 [pid 5067] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5992] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 5992] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5992] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5992] close(3) = 0 [pid 5992] mkdir("./file0", 0777) = 0 [ 222.656512][ T5992] loop4: detected capacity change from 0 to 4096 [pid 5992] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./75/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./75") = 0 [pid 5067] mkdir("./76", 0777) = 0 [pid 5984] <... sendfile resumed>) = 1048576 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5984] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... openat resumed>) = 3 [pid 5984] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5984] exit_group(0 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5984] <... exit_group resumed>) = ? [ 222.755217][ T5992] NILFS (loop4): invalid segment: Checksum error in segment payload [ 222.793921][ T5992] NILFS (loop4): trying rollback from an earlier position [pid 5067] close(3 [pid 5984] +++ exited with 0 +++ [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5984, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 5994 [pid 5065] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./74/binderfs") = 0 [pid 5065] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5994 attached [pid 5994] chdir("./76") = 0 [pid 5994] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5994] setpgid(0, 0) = 0 [pid 5994] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5994] write(3, "1000", 4) = 4 [pid 5994] close(3) = 0 [pid 5994] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5994] memfd_create("syzkaller", 0) = 3 [pid 5994] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 222.810876][ T5992] NILFS (loop4): recovery complete [pid 5994] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5992] <... mount resumed>) = 0 [pid 5992] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5992] chdir("./file0") = 0 [pid 5992] ioctl(4, LOOP_CLR_FD) = 0 [pid 5992] close(4) = 0 [pid 5992] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 222.902455][ T5995] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5992] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5992] ftruncate(5, 33587195 [pid 5994] <... write resumed>) = 2097152 [pid 5992] <... ftruncate resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5992] sendfile(4, 5, NULL, 281474978811909 [pid 5994] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5994] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5994] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5065] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5994] close(3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5994] <... close resumed>) = 0 [pid 5994] mkdir("./file0", 0777 [pid 5065] lstat("./74/file0", [pid 5994] <... mkdir resumed>) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5994] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 223.030409][ T5994] loop3: detected capacity change from 0 to 4096 [pid 5065] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./74/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./74") = 0 [pid 5065] mkdir("./75", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 223.123330][ T5994] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5996 ./strace-static-x86_64: Process 5996 attached [ 223.165589][ T5994] NILFS (loop3): trying rollback from an earlier position [pid 5996] chdir("./75") = 0 [pid 5996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5996] setpgid(0, 0) = 0 [pid 5996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 223.217665][ T5994] NILFS (loop3): recovery complete [pid 5996] write(3, "1000", 4) = 4 [pid 5994] <... mount resumed>) = 0 [pid 5996] close(3) = 0 [pid 5996] symlink("/dev/binderfs", "./binderfs" [pid 5994] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5996] <... symlink resumed>) = 0 [pid 5996] memfd_create("syzkaller", 0 [pid 5994] <... openat resumed>) = 3 [pid 5996] <... memfd_create resumed>) = 3 [pid 5994] chdir("./file0" [pid 5996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5994] <... chdir resumed>) = 0 [pid 5996] <... mmap resumed>) = 0x7fc0314e0000 [pid 5994] ioctl(4, LOOP_CLR_FD [pid 5996] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5994] <... ioctl resumed>) = 0 [pid 5994] close(4) = 0 [ 223.256886][ T5997] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5994] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5994] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5994] ftruncate(5, 33587195) = 0 [pid 5994] sendfile(4, 5, NULL, 281474978811909 [pid 5987] <... sendfile resumed>) = 1048576 [pid 5987] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5987] exit_group(0) = ? [pid 5987] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5987, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./76/binderfs") = 0 [pid 5069] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5996] <... write resumed>) = 2097152 [pid 5996] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5996] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5996] ioctl(4, LOOP_SET_FD, 3 [pid 5989] <... sendfile resumed>) = 1048576 [pid 5989] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5989] exit_group(0) = ? [pid 5989] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5989, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5988] <... sendfile resumed>) = 1048576 [pid 5064] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5996] <... ioctl resumed>) = 0 [pid 5988] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... openat resumed>) = 3 [pid 5996] close(3 [pid 5988] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] fstat(3, [pid 5996] <... close resumed>) = 0 [pid 5988] exit_group(0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5996] mkdir("./file0", 0777 [pid 5988] <... exit_group resumed>) = ? [pid 5064] getdents64(3, [pid 5996] <... mkdir resumed>) = 0 [pid 5996] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5988] +++ exited with 0 +++ [ 223.466866][ T5996] loop1: detected capacity change from 0 to 4096 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5988, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5064] lstat("./75/binderfs", [pid 5066] <... restart_syscall resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./75/binderfs" [pid 5066] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] <... unlink resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./75/binderfs") = 0 [pid 5066] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 223.569391][ T5996] NILFS (loop1): invalid segment: Checksum error in segment payload [ 223.592111][ T5996] NILFS (loop1): trying rollback from an earlier position [pid 5069] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./76/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./76") = 0 [pid 5069] mkdir("./77", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 5998 ./strace-static-x86_64: Process 5998 attached [pid 5998] chdir("./77" [ 223.689382][ T5996] NILFS (loop1): recovery complete [pid 5996] <... mount resumed>) = 0 [pid 5996] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5998] <... chdir resumed>) = 0 [pid 5996] <... openat resumed>) = 3 [pid 5996] chdir("./file0") = 0 [pid 5996] ioctl(4, LOOP_CLR_FD [pid 5998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5998] setpgid(0, 0) = 0 [pid 5996] <... ioctl resumed>) = 0 [pid 5998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5996] close(4 [pid 5998] <... openat resumed>) = 3 [pid 5996] <... close resumed>) = 0 [pid 5998] write(3, "1000", 4 [pid 5996] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5998] <... write resumed>) = 4 [pid 5998] close(3 [pid 5996] <... open resumed>) = 4 [pid 5998] <... close resumed>) = 0 [pid 5996] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5998] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5996] <... open resumed>) = 5 [pid 5064] <... umount2 resumed>) = 0 [pid 5998] memfd_create("syzkaller", 0) = 3 [pid 5996] ftruncate(5, 33587195 [pid 5998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5996] <... ftruncate resumed>) = 0 [ 223.758874][ T5999] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] <... umount2 resumed>) = 0 [pid 5064] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5992] <... sendfile resumed>) = 1048576 [pid 5996] sendfile(4, 5, NULL, 281474978811909 [pid 5992] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5998] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5992] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./75/file0", [pid 5992] exit_group(0 [pid 5066] lstat("./75/file0", [pid 5992] <... exit_group resumed>) = ? [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5992] +++ exited with 0 +++ [pid 5066] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5992, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5066] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] <... openat resumed>) = 4 [pid 5064] <... openat resumed>) = 4 [pid 5066] fstat(4, [pid 5064] fstat(4, [pid 5998] <... write resumed>) = 2097152 [pid 5998] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5998] <... munmap resumed>) = 0 [pid 5068] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(4, [pid 5064] getdents64(4, [pid 5998] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5998] <... openat resumed>) = 4 [pid 5068] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5998] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] getdents64(4, [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./76/binderfs" [pid 5066] close(4 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5064] close(4 [pid 5068] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] rmdir("./75/file0" [pid 5064] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] rmdir("./75/file0" [pid 5998] <... ioctl resumed>) = 0 [pid 5998] close(3 [pid 5066] getdents64(3, [pid 5064] <... rmdir resumed>) = 0 [pid 5998] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] getdents64(3, [pid 5998] mkdir("./file0", 0777 [pid 5066] close(3 [pid 5998] <... mkdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... close resumed>) = 0 [pid 5998] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] close(3 [pid 5066] rmdir("./75" [pid 5064] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] rmdir("./75") = 0 [pid 5066] mkdir("./76", 0777 [pid 5064] mkdir("./76", 0777 [pid 5066] <... mkdir resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] <... openat resumed>) = 3 [pid 5066] close(3 [ 223.883170][ T5998] loop5: detected capacity change from 0 to 4096 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5066] <... close resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] close(3) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6000 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6001 ./strace-static-x86_64: Process 6000 attached [pid 6000] chdir("./76"./strace-static-x86_64: Process 6001 attached ) = 0 [pid 6000] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6001] chdir("./76" [pid 6000] setpgid(0, 0) = 0 [pid 6000] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6001] <... chdir resumed>) = 0 [pid 6000] <... openat resumed>) = 3 [pid 6001] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6000] write(3, "1000", 4 [pid 6001] <... prctl resumed>) = 0 [pid 6000] <... write resumed>) = 4 [pid 6001] setpgid(0, 0 [pid 6000] close(3 [pid 6001] <... setpgid resumed>) = 0 [pid 6000] <... close resumed>) = 0 [pid 6001] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6000] symlink("/dev/binderfs", "./binderfs" [pid 6001] <... openat resumed>) = 3 [pid 6000] <... symlink resumed>) = 0 [pid 6001] write(3, "1000", 4 [pid 6000] memfd_create("syzkaller", 0 [pid 6001] <... write resumed>) = 4 [pid 6000] <... memfd_create resumed>) = 3 [pid 6001] close(3 [pid 6000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6001] <... close resumed>) = 0 [pid 6000] <... mmap resumed>) = 0x7fc0314e0000 [pid 6001] symlink("/dev/binderfs", "./binderfs" [pid 6000] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6001] <... symlink resumed>) = 0 [ 223.978280][ T5998] NILFS (loop5): invalid segment: Checksum error in segment payload [ 224.015864][ T5998] NILFS (loop5): trying rollback from an earlier position [pid 6001] memfd_create("syzkaller", 0) = 3 [pid 6001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6001] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./76/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [ 224.107546][ T5998] NILFS (loop5): recovery complete [pid 5068] close(3 [pid 5998] <... mount resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5998] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] rmdir("./76" [pid 5998] <... openat resumed>) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 6001] <... write resumed>) = 2097152 [pid 5998] chdir("./file0" [pid 5068] mkdir("./77", 0777 [pid 5998] <... chdir resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5998] ioctl(4, LOOP_CLR_FD [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5998] <... ioctl resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 6001] munmap(0x7fc0314e0000, 2097152 [pid 5998] close(4 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5998] <... close resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 6001] <... munmap resumed>) = 0 [pid 5998] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6001] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5998] <... open resumed>) = 4 [pid 6001] <... openat resumed>) = 4 [pid 5998] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6003 [pid 6001] ioctl(4, LOOP_SET_FD, 3 [pid 5998] <... open resumed>) = 5 [pid 6000] <... write resumed>) = 2097152 [pid 5998] ftruncate(5, 33587195 [pid 6000] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5998] <... ftruncate resumed>) = 0 [pid 5998] sendfile(4, 5, NULL, 281474978811909./strace-static-x86_64: Process 6003 attached [ 224.150272][ T6002] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6000] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6000] ioctl(4, LOOP_SET_FD, 3 [pid 6003] chdir("./77" [pid 6001] <... ioctl resumed>) = 0 [pid 6003] <... chdir resumed>) = 0 [pid 6001] close(3 [pid 6003] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6001] <... close resumed>) = 0 [pid 6003] <... prctl resumed>) = 0 [pid 6001] mkdir("./file0", 0777 [pid 6003] setpgid(0, 0) = 0 [pid 6001] <... mkdir resumed>) = 0 [pid 6003] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6001] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6003] <... openat resumed>) = 3 [pid 6003] write(3, "1000", 4 [pid 6000] <... ioctl resumed>) = 0 [pid 6000] close(3) = 0 [pid 6000] mkdir("./file0", 0777) = 0 [pid 6000] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6003] <... write resumed>) = 4 [ 224.206211][ T6001] loop0: detected capacity change from 0 to 4096 [ 224.233264][ T6000] loop2: detected capacity change from 0 to 4096 [pid 6003] close(3) = 0 [pid 6003] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6003] memfd_create("syzkaller", 0) = 3 [pid 6003] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 224.274583][ T6001] NILFS (loop0): invalid segment: Checksum error in segment payload [ 224.325021][ T6000] NILFS (loop2): invalid segment: Checksum error in segment payload [ 224.340063][ T6001] NILFS (loop0): trying rollback from an earlier position [ 224.353238][ T6000] NILFS (loop2): trying rollback from an earlier position [pid 6003] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6003] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6003] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6003] ioctl(4, LOOP_SET_FD, 3 [pid 6001] <... mount resumed>) = 0 [pid 5994] <... sendfile resumed>) = 1048576 [ 224.428365][ T6000] NILFS (loop2): recovery complete [ 224.430049][ T6001] NILFS (loop0): recovery complete [pid 5994] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5994] exit_group(0) = ? [pid 5994] +++ exited with 0 +++ [pid 6001] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5994, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 6001] <... openat resumed>) = 3 [pid 6000] <... mount resumed>) = 0 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 6001] chdir("./file0" [pid 6000] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... restart_syscall resumed>) = 0 [pid 6001] <... chdir resumed>) = 0 [pid 6000] <... openat resumed>) = 3 [pid 6001] ioctl(4, LOOP_CLR_FD [pid 6000] chdir("./file0" [pid 6001] <... ioctl resumed>) = 0 [pid 6000] <... chdir resumed>) = 0 [pid 5067] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6001] close(4 [pid 6000] ioctl(4, LOOP_CLR_FD [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6001] <... close resumed>) = 0 [pid 6000] <... ioctl resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6001] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6000] close(4 [pid 5067] <... openat resumed>) = 3 [pid 6001] <... open resumed>) = 4 [pid 6000] <... close resumed>) = 0 [pid 5067] fstat(3, [pid 6001] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6000] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6001] <... open resumed>) = 5 [pid 6000] <... open resumed>) = 4 [pid 5067] getdents64(3, [pid 6001] ftruncate(5, 33587195 [pid 6000] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6001] <... ftruncate resumed>) = 0 [pid 6000] <... open resumed>) = 5 [pid 5067] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6001] sendfile(4, 5, NULL, 281474978811909 [pid 6000] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6000] <... ftruncate resumed>) = 0 [pid 5067] lstat("./76/binderfs", [pid 6000] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./76/binderfs") = 0 [ 224.479565][ T6004] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.483915][ T6005] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.490607][ T6003] loop4: detected capacity change from 0 to 4096 [pid 5067] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6003] <... ioctl resumed>) = 0 [pid 6003] close(3) = 0 [pid 6003] mkdir("./file0", 0777) = 0 [ 224.645223][ T6003] NILFS (loop4): invalid segment: Checksum error in segment payload [ 224.680861][ T6003] NILFS (loop4): trying rollback from an earlier position [pid 6003] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5996] <... sendfile resumed>) = 1048576 [pid 5996] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5996] exit_group(0) = ? [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5996] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5996, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] lstat("./76/file0", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] fstat(3, [pid 5067] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5065] getdents64(3, [pid 5067] fstat(4, [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 224.797564][ T6003] NILFS (loop4): recovery complete [pid 5065] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6003] <... mount resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] lstat("./75/binderfs", [pid 6003] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] getdents64(4, [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6003] <... openat resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] unlink("./75/binderfs" [pid 6003] chdir("./file0" [pid 5067] close(4 [pid 5065] <... unlink resumed>) = 0 [pid 6003] <... chdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5065] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6003] ioctl(4, LOOP_CLR_FD [pid 5067] rmdir("./76/file0" [pid 6003] <... ioctl resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 6003] close(4 [pid 5067] getdents64(3, [pid 6003] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6003] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] close(3) = 0 [pid 5067] rmdir("./76") = 0 [pid 5067] mkdir("./77", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6003] <... open resumed>) = 4 [pid 5067] <... openat resumed>) = 3 [pid 6003] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6003] <... open resumed>) = 5 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6003] ftruncate(5, 33587195 [pid 5067] close(3 [pid 6003] <... ftruncate resumed>) = 0 [ 224.856436][ T6006] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] <... close resumed>) = 0 [pid 6003] sendfile(4, 5, NULL, 281474978811909 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6007 ./strace-static-x86_64: Process 6007 attached [pid 6007] chdir("./77") = 0 [pid 6007] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6007] setpgid(0, 0) = 0 [pid 6007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6007] write(3, "1000", 4) = 4 [pid 6007] close(3) = 0 [pid 6007] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6007] memfd_create("syzkaller", 0) = 3 [pid 6007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] <... umount2 resumed>) = 0 [pid 6007] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./75/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./75") = 0 [pid 5065] mkdir("./76", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3 [pid 6007] <... write resumed>) = 2097152 [pid 5065] <... close resumed>) = 0 [pid 6007] munmap(0x7fc0314e0000, 2097152 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6007] <... munmap resumed>) = 0 [pid 6007] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6008 [pid 6007] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6008 attached [pid 6008] chdir("./76") = 0 [pid 6008] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6008] setpgid(0, 0) = 0 [pid 6008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6007] ioctl(4, LOOP_SET_FD, 3 [pid 6008] <... openat resumed>) = 3 [pid 6008] write(3, "1000", 4) = 4 [pid 6008] close(3) = 0 [pid 6008] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6007] <... ioctl resumed>) = 0 [pid 6008] memfd_create("syzkaller", 0 [pid 6007] close(3 [pid 6008] <... memfd_create resumed>) = 3 [pid 6007] <... close resumed>) = 0 [pid 6008] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6007] mkdir("./file0", 0777) = 0 [pid 6007] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5998] <... sendfile resumed>) = 1048576 [ 225.228376][ T6007] loop3: detected capacity change from 0 to 4096 [pid 5998] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5998] exit_group(0) = ? [pid 5998] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5998, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, [pid 6008] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./77/binderfs") = 0 [ 225.325120][ T6007] NILFS (loop3): invalid segment: Checksum error in segment payload [ 225.355472][ T6007] NILFS (loop3): trying rollback from an earlier position [pid 5069] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6008] <... write resumed>) = 2097152 [pid 6008] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6008] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6008] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6008] close(3) = 0 [pid 6008] mkdir("./file0", 0777) = 0 [ 225.446838][ T6008] loop1: detected capacity change from 0 to 4096 [ 225.460449][ T6007] NILFS (loop3): recovery complete [pid 6008] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6007] <... mount resumed>) = 0 [pid 6007] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6007] chdir("./file0") = 0 [pid 6007] ioctl(4, LOOP_CLR_FD [pid 6001] <... sendfile resumed>) = 1048576 [pid 6007] <... ioctl resumed>) = 0 [pid 6001] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6007] close(4 [pid 6001] <... open resumed>) = -1 EFAULT (Bad address) [pid 6007] <... close resumed>) = 0 [pid 6001] exit_group(0 [ 225.496941][ T6009] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6007] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6001] <... exit_group resumed>) = ? [pid 6000] <... sendfile resumed>) = 1048576 [pid 6007] <... open resumed>) = 4 [pid 6001] +++ exited with 0 +++ [pid 6000] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6007] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6000] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6001, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6007] <... open resumed>) = 5 [pid 6000] exit_group(0 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6007] ftruncate(5, 33587195 [pid 6000] <... exit_group resumed>) = ? [pid 5064] <... restart_syscall resumed>) = 0 [pid 6007] <... ftruncate resumed>) = 0 [pid 6007] sendfile(4, 5, NULL, 281474978811909 [pid 6000] +++ exited with 0 +++ [pid 5064] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6000, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5064] fstat(3, [pid 5066] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] getdents64(3, [pid 5066] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... openat resumed>) = 3 [pid 5064] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] fstat(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] lstat("./76/binderfs", [pid 5066] getdents64(3, [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] unlink("./76/binderfs" [pid 5069] <... umount2 resumed>) = 0 [pid 5066] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... unlink resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 225.558309][ T6008] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5064] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] unlink("./76/binderfs" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... unlink resumed>) = 0 [pid 5069] lstat("./77/file0", [pid 5066] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./77/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./77") = 0 [pid 5069] mkdir("./78", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6010 ./strace-static-x86_64: Process 6010 attached [pid 6010] chdir("./78") = 0 [ 225.606065][ T6008] NILFS (loop1): trying rollback from an earlier position [pid 6010] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6010] setpgid(0, 0) = 0 [pid 6010] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6010] write(3, "1000", 4) = 4 [pid 6010] close(3) = 0 [pid 6010] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6010] memfd_create("syzkaller", 0) = 3 [pid 6010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 225.677392][ T6008] NILFS (loop1): recovery complete [pid 6008] <... mount resumed>) = 0 [pid 6008] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6008] chdir("./file0") = 0 [pid 6008] ioctl(4, LOOP_CLR_FD) = 0 [pid 6008] close(4) = 0 [pid 6008] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6008] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6008] ftruncate(5, 33587195) = 0 [pid 6008] sendfile(4, 5, NULL, 281474978811909 [ 225.735906][ T6011] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6010] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 6010] <... write resumed>) = 2097152 [pid 6003] <... sendfile resumed>) = 1048576 [pid 5064] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6010] munmap(0x7fc0314e0000, 2097152 [pid 6003] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6010] <... munmap resumed>) = 0 [pid 6003] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... umount2 resumed>) = 0 [pid 5064] lstat("./76/file0", [pid 6010] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6003] exit_group(0 [pid 5066] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6010] <... openat resumed>) = 4 [pid 6003] <... exit_group resumed>) = ? [pid 5064] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6010] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6003] +++ exited with 0 +++ [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6003, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5066] lstat("./76/file0", [pid 5064] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... openat resumed>) = 4 [pid 5066] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] fstat(4, [pid 6010] <... ioctl resumed>) = 0 [pid 5068] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6010] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] getdents64(4, [pid 6010] <... close resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... openat resumed>) = 4 [pid 6010] mkdir("./file0", 0777 [pid 5068] <... openat resumed>) = 3 [pid 5066] fstat(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6010] <... mkdir resumed>) = 0 [pid 5068] fstat(3, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, [pid 6010] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(3, [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] close(4 [pid 5066] getdents64(4, [pid 5064] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] rmdir("./76/file0" [pid 5066] close(4 [pid 5064] <... rmdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5064] getdents64(3, [pid 5066] rmdir("./76/file0" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] close(3 [pid 5066] getdents64(3, [pid 5064] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] rmdir("./76" [pid 5066] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... close resumed>) = 0 [pid 5064] mkdir("./77", 0777 [pid 5068] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] rmdir("./76" [pid 5064] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] lstat("./77/binderfs", [pid 5066] mkdir("./77", 0777 [pid 5064] <... openat resumed>) = 3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5068] unlink("./77/binderfs" [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... openat resumed>) = 3 [pid 5064] close(3 [pid 5068] <... unlink resumed>) = 0 [ 225.903186][ T6010] loop5: detected capacity change from 0 to 4096 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] <... close resumed>) = 0 [pid 5068] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] close(3) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6012 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6013 ./strace-static-x86_64: Process 6013 attached ./strace-static-x86_64: Process 6012 attached [pid 6013] chdir("./77" [pid 6012] chdir("./77" [pid 6013] <... chdir resumed>) = 0 [pid 6012] <... chdir resumed>) = 0 [pid 6012] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6013] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6012] setpgid(0, 0) = 0 [pid 6013] <... prctl resumed>) = 0 [pid 6012] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6013] setpgid(0, 0 [pid 6012] <... openat resumed>) = 3 [pid 6013] <... setpgid resumed>) = 0 [pid 6012] write(3, "1000", 4) = 4 [pid 6012] close(3 [pid 6013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6012] <... close resumed>) = 0 [pid 6013] <... openat resumed>) = 3 [pid 6012] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6012] memfd_create("syzkaller", 0) = 3 [pid 6012] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6013] write(3, "1000", 4 [pid 6012] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6013] <... write resumed>) = 4 [pid 6013] close(3) = 0 [pid 6013] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6013] memfd_create("syzkaller", 0) = 3 [pid 6013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 225.950924][ T6010] NILFS (loop5): invalid segment: Checksum error in segment payload [ 225.970691][ T6010] NILFS (loop5): trying rollback from an earlier position [ 226.054708][ T6010] NILFS (loop5): recovery complete [pid 6013] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6010] <... mount resumed>) = 0 [pid 6010] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6010] chdir("./file0") = 0 [pid 6010] ioctl(4, LOOP_CLR_FD) = 0 [pid 6010] close(4) = 0 [pid 6010] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6010] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6010] ftruncate(5, 33587195 [pid 6013] <... write resumed>) = 2097152 [pid 6010] <... ftruncate resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6013] munmap(0x7fc0314e0000, 2097152 [pid 6010] sendfile(4, 5, NULL, 281474978811909 [pid 6013] <... munmap resumed>) = 0 [pid 6013] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6012] <... write resumed>) = 2097152 [pid 5068] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6013] <... openat resumed>) = 4 [pid 6012] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 226.102783][ T6014] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6013] ioctl(4, LOOP_SET_FD, 3 [pid 6012] <... munmap resumed>) = 0 [pid 5068] lstat("./77/file0", [pid 6013] <... ioctl resumed>) = 0 [pid 6012] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6012] <... openat resumed>) = 4 [pid 5068] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6012] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6013] close(3 [pid 5068] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6013] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, [pid 6013] mkdir("./file0", 0777 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./77/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6013] <... mkdir resumed>) = 0 [pid 6012] <... ioctl resumed>) = 0 [pid 6013] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6012] close(3 [pid 5068] close(3 [pid 6012] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [ 226.178358][ T6013] loop2: detected capacity change from 0 to 4096 [ 226.190042][ T6012] loop0: detected capacity change from 0 to 4096 [pid 6012] mkdir("./file0", 0777 [pid 5068] rmdir("./77" [pid 6012] <... mkdir resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 6012] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] mkdir("./78", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 226.243814][ T6013] NILFS (loop2): invalid segment: Checksum error in segment payload [ 226.254730][ T6013] NILFS (loop2): trying rollback from an earlier position [ 226.280918][ T6012] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6016 [ 226.300945][ T6012] NILFS (loop0): trying rollback from an earlier position [ 226.316494][ T6013] NILFS (loop2): recovery complete ./strace-static-x86_64: Process 6016 attached [pid 6016] chdir("./78") = 0 [pid 6016] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6013] <... mount resumed>) = 0 [pid 6016] <... prctl resumed>) = 0 [pid 6013] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6016] setpgid(0, 0) = 0 [pid 6013] <... openat resumed>) = 3 [pid 6016] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6013] chdir("./file0" [pid 6016] <... openat resumed>) = 3 [pid 6016] write(3, "1000", 4 [pid 6013] <... chdir resumed>) = 0 [pid 6016] <... write resumed>) = 4 [pid 6016] close(3) = 0 [pid 6016] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6013] ioctl(4, LOOP_CLR_FD) = 0 [pid 6013] close(4) = 0 [pid 6013] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6016] memfd_create("syzkaller", 0 [pid 6013] <... open resumed>) = 4 [pid 6013] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6013] ftruncate(5, 33587195) = 0 [pid 6013] sendfile(4, 5, NULL, 281474978811909 [pid 6012] <... mount resumed>) = 0 [pid 6016] <... memfd_create resumed>) = 3 [pid 6012] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6012] chdir("./file0" [pid 6016] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6012] <... chdir resumed>) = 0 [pid 6012] ioctl(4, LOOP_CLR_FD) = 0 [pid 6016] <... mmap resumed>) = 0x7fc0314e0000 [pid 6012] close(4) = 0 [ 226.346823][ T6015] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 226.378356][ T6012] NILFS (loop0): recovery complete [pid 6012] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6012] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6012] ftruncate(5, 33587195) = 0 [ 226.412832][ T6017] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6012] sendfile(4, 5, NULL, 281474978811909 [pid 6016] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6016] munmap(0x7fc0314e0000, 2097152 [pid 6007] <... sendfile resumed>) = 1048576 [pid 6016] <... munmap resumed>) = 0 [pid 6007] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6016] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6007] <... open resumed>) = -1 EFAULT (Bad address) [pid 6016] <... openat resumed>) = 4 [pid 6007] exit_group(0 [pid 6016] ioctl(4, LOOP_SET_FD, 3 [pid 6007] <... exit_group resumed>) = ? [pid 6007] +++ exited with 0 +++ [pid 6016] <... ioctl resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6007, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=29 /* 0.29 s */} --- [pid 6016] close(3) = 0 [pid 6016] mkdir("./file0", 0777) = 0 [pid 5067] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6016] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 226.698401][ T6016] loop4: detected capacity change from 0 to 4096 [pid 5067] lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./77/binderfs") = 0 [pid 5067] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6008] <... sendfile resumed>) = 1048576 [pid 6008] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6008] exit_group(0) = ? [pid 6008] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6008, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 226.752957][ T6016] NILFS (loop4): invalid segment: Checksum error in segment payload [ 226.789254][ T6016] NILFS (loop4): trying rollback from an earlier position [pid 5065] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./76/binderfs") = 0 [ 226.836858][ T6016] NILFS (loop4): recovery complete [pid 5065] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6016] <... mount resumed>) = 0 [pid 6016] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6016] chdir("./file0") = 0 [pid 6016] ioctl(4, LOOP_CLR_FD) = 0 [pid 6016] close(4) = 0 [pid 6016] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 226.888884][ T6018] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6016] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6016] ftruncate(5, 33587195) = 0 [pid 6016] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./77/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./77") = 0 [pid 5067] mkdir("./78", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6019 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 6019 attached [pid 5065] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6019] chdir("./78" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6019] <... chdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6019] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... openat resumed>) = 4 [pid 6019] <... prctl resumed>) = 0 [pid 5065] fstat(4, [pid 6019] setpgid(0, 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6019] <... setpgid resumed>) = 0 [pid 5065] getdents64(4, [pid 6019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6019] <... openat resumed>) = 3 [pid 5065] getdents64(4, [pid 6019] write(3, "1000", 4 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6019] <... write resumed>) = 4 [pid 5065] close(4 [pid 6019] close(3 [pid 5065] <... close resumed>) = 0 [pid 6019] <... close resumed>) = 0 [pid 5065] rmdir("./76/file0" [pid 6019] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... rmdir resumed>) = 0 [pid 6019] <... symlink resumed>) = 0 [pid 5065] getdents64(3, [pid 6019] memfd_create("syzkaller", 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6019] <... memfd_create resumed>) = 3 [pid 5065] close(3 [pid 6019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... close resumed>) = 0 [pid 6019] <... mmap resumed>) = 0x7fc0314e0000 [pid 5065] rmdir("./76") = 0 [pid 5065] mkdir("./77", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6020 ./strace-static-x86_64: Process 6020 attached [pid 6020] chdir("./77") = 0 [pid 6020] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6020] setpgid(0, 0) = 0 [pid 6020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6020] write(3, "1000", 4 [pid 6019] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6020] <... write resumed>) = 4 [pid 6020] close(3) = 0 [pid 6020] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6020] memfd_create("syzkaller", 0) = 3 [pid 6020] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6020] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6019] <... write resumed>) = 2097152 [pid 6010] <... sendfile resumed>) = 1048576 [pid 6010] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6010] exit_group(0) = ? [pid 6019] munmap(0x7fc0314e0000, 2097152 [pid 6010] +++ exited with 0 +++ [pid 6019] <... munmap resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6010, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 6019] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6019] ioctl(4, LOOP_SET_FD, 3 [pid 5069] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6019] <... ioctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./78/binderfs" [pid 6020] <... write resumed>) = 2097152 [pid 5069] <... unlink resumed>) = 0 [pid 5069] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6019] close(3) = 0 [pid 6019] mkdir("./file0", 0777) = 0 [pid 6019] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6020] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6020] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 227.348289][ T6019] loop3: detected capacity change from 0 to 4096 [pid 6020] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6020] close(3) = 0 [pid 6020] mkdir("./file0", 0777) = 0 [ 227.426429][ T6020] loop1: detected capacity change from 0 to 4096 [ 227.433829][ T6019] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6020] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6012] <... sendfile resumed>) = 1048576 [pid 6012] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6013] <... sendfile resumed>) = 1048576 [pid 6012] exit_group(0 [pid 6013] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6012] <... exit_group resumed>) = ? [pid 6013] <... open resumed>) = -1 EFAULT (Bad address) [pid 6013] exit_group(0 [pid 6012] +++ exited with 0 +++ [pid 6013] <... exit_group resumed>) = ? [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6012, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [ 227.480006][ T6019] NILFS (loop3): trying rollback from an earlier position [ 227.493834][ T6020] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 6013] +++ exited with 0 +++ [pid 5064] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6013, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = 0 [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5064] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... restart_syscall resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] getdents64(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... openat resumed>) = 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] fstat(3, [pid 5064] lstat("./77/binderfs", [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] getdents64(3, [pid 5064] unlink("./77/binderfs" [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... unlink resumed>) = 0 [pid 5066] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./77/binderfs") = 0 [pid 5066] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6019] <... mount resumed>) = 0 [pid 6019] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6019] chdir("./file0") = 0 [pid 5069] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6019] ioctl(4, LOOP_CLR_FD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6019] <... ioctl resumed>) = 0 [pid 5069] lstat("./78/file0", [pid 6019] close(4 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6019] <... close resumed>) = 0 [pid 5069] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6019] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6019] <... open resumed>) = 4 [pid 6019] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... openat resumed>) = 4 [pid 6019] <... open resumed>) = 5 [pid 5069] fstat(4, [ 227.566473][ T6019] NILFS (loop3): recovery complete [ 227.579816][ T6020] NILFS (loop1): trying rollback from an earlier position [ 227.596412][ T6021] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6019] ftruncate(5, 33587195 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6019] <... ftruncate resumed>) = 0 [pid 5069] getdents64(4, [pid 6019] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./78/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./78") = 0 [pid 5069] mkdir("./79", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6022 ./strace-static-x86_64: Process 6022 attached [pid 6022] chdir("./79") = 0 [pid 6022] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6022] setpgid(0, 0) = 0 [pid 6022] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6022] write(3, "1000", 4) = 4 [pid 6022] close(3) = 0 [pid 6022] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6022] memfd_create("syzkaller", 0) = 3 [pid 6022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 227.707217][ T6020] NILFS (loop1): recovery complete [pid 6020] <... mount resumed>) = 0 [pid 6020] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6020] chdir("./file0") = 0 [pid 6020] ioctl(4, LOOP_CLR_FD) = 0 [pid 6020] close(4) = 0 [pid 6020] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6020] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6020] ftruncate(5, 33587195) = 0 [pid 6020] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 227.766109][ T6023] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./77/file0", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] lstat("./77/file0", [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... openat resumed>) = 4 [pid 6022] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] fstat(4, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(4, [pid 5064] <... openat resumed>) = 4 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, [pid 5064] fstat(4, [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] close(4 [pid 5064] getdents64(4, [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./77/file0" [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] getdents64(4, [pid 5066] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5064] close(4 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./77" [pid 5064] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] rmdir("./77/file0" [pid 5066] mkdir("./78", 0777 [pid 5064] <... rmdir resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5064] getdents64(3, [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 5066] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] <... close resumed>) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] rmdir("./77" [pid 5066] close(3 [pid 6022] <... write resumed>) = 2097152 [pid 6016] <... sendfile resumed>) = 1048576 [pid 5066] <... close resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 6022] munmap(0x7fc0314e0000, 2097152 [pid 6016] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] mkdir("./78", 0777./strace-static-x86_64: Process 6024 attached [pid 6022] <... munmap resumed>) = 0 [pid 6016] <... open resumed>) = -1 EFAULT (Bad address) [pid 6024] chdir("./78" [pid 5064] <... mkdir resumed>) = 0 [pid 6024] <... chdir resumed>) = 0 [pid 6024] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6016] exit_group(0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6024 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6024] <... prctl resumed>) = 0 [pid 6016] <... exit_group resumed>) = ? [pid 6024] setpgid(0, 0 [pid 5064] <... openat resumed>) = 3 [pid 6024] <... setpgid resumed>) = 0 [pid 6024] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6016] +++ exited with 0 +++ [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6024] <... openat resumed>) = 3 [pid 6024] write(3, "1000", 4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6016, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6024] <... write resumed>) = 4 [pid 6022] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5064] close(3 [pid 6024] close(3 [pid 5068] <... restart_syscall resumed>) = 0 [pid 6022] <... openat resumed>) = 4 [pid 5064] <... close resumed>) = 0 [pid 6022] ioctl(4, LOOP_SET_FD, 3 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6024] <... close resumed>) = 0 [pid 6024] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6025 [pid 5068] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6024] <... symlink resumed>) = 0 [pid 5068] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6024] memfd_create("syzkaller", 0 [pid 6022] <... ioctl resumed>) = 0 [pid 5068] lstat("./78/binderfs", [pid 6024] <... memfd_create resumed>) = 3 [pid 6022] close(3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6024] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6022] <... close resumed>) = 0 [pid 5068] unlink("./78/binderfs" [pid 6022] mkdir("./file0", 0777 [pid 6024] <... mmap resumed>) = 0x7fc0314e0000 [pid 6022] <... mkdir resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 6022] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6025 attached [pid 6024] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6025] chdir("./78") = 0 [ 227.982076][ T6022] loop5: detected capacity change from 0 to 4096 [pid 6025] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6025] setpgid(0, 0) = 0 [pid 6025] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6025] write(3, "1000", 4) = 4 [pid 6025] close(3) = 0 [pid 6025] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6025] memfd_create("syzkaller", 0) = 3 [pid 6025] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 228.056868][ T6022] NILFS (loop5): invalid segment: Checksum error in segment payload [ 228.081627][ T6022] NILFS (loop5): trying rollback from an earlier position [pid 6025] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6024] <... write resumed>) = 2097152 [pid 6024] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6024] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 228.146409][ T6022] NILFS (loop5): recovery complete [pid 6024] ioctl(4, LOOP_SET_FD, 3 [pid 6022] <... mount resumed>) = 0 [pid 6022] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6022] chdir("./file0") = 0 [pid 6024] <... ioctl resumed>) = 0 [pid 6022] ioctl(4, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = 0 [pid 6024] close(3 [pid 6022] <... ioctl resumed>) = 0 [pid 6024] <... close resumed>) = 0 [pid 6024] mkdir("./file0", 0777 [pid 6022] close(4 [pid 5068] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6025] <... write resumed>) = 2097152 [pid 6022] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6024] <... mkdir resumed>) = 0 [pid 6022] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] lstat("./78/file0", [pid 6022] <... open resumed>) = 4 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6025] munmap(0x7fc0314e0000, 2097152 [pid 6024] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6022] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6022] <... open resumed>) = 5 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6025] <... munmap resumed>) = 0 [pid 6022] ftruncate(5, 33587195 [pid 5068] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6025] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6022] <... ftruncate resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 6022] sendfile(4, 5, NULL, 281474978811909 [pid 5068] fstat(4, [pid 6025] <... openat resumed>) = 4 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 228.167211][ T6024] loop2: detected capacity change from 0 to 4096 [ 228.173935][ T6026] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6025] ioctl(4, LOOP_SET_FD, 3 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./78/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./78") = 0 [pid 5068] mkdir("./79", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6027 ./strace-static-x86_64: Process 6027 attached [pid 6027] chdir("./79" [pid 6025] <... ioctl resumed>) = 0 [pid 6027] <... chdir resumed>) = 0 [pid 6025] close(3 [pid 6027] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6025] <... close resumed>) = 0 [pid 6027] <... prctl resumed>) = 0 [pid 6025] mkdir("./file0", 0777 [pid 6027] setpgid(0, 0 [pid 6025] <... mkdir resumed>) = 0 [pid 6027] <... setpgid resumed>) = 0 [pid 6025] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6027] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 228.237547][ T6025] loop0: detected capacity change from 0 to 4096 [ 228.252103][ T6024] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6027] write(3, "1000", 4) = 4 [pid 6027] close(3) = 0 [pid 6027] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6027] memfd_create("syzkaller", 0) = 3 [pid 6027] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 228.314028][ T6024] NILFS (loop2): trying rollback from an earlier position [ 228.340084][ T6025] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6027] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6024] <... mount resumed>) = 0 [pid 6024] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6024] chdir("./file0") = 0 [pid 6024] ioctl(4, LOOP_CLR_FD) = 0 [pid 6024] close(4) = 0 [pid 6024] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6024] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 228.377556][ T6025] NILFS (loop0): trying rollback from an earlier position [ 228.390713][ T6024] NILFS (loop2): recovery complete [ 228.409069][ T6025] NILFS (loop0): recovery complete [ 228.415212][ T6028] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6024] ftruncate(5, 33587195) = 0 [pid 6024] sendfile(4, 5, NULL, 281474978811909 [pid 6025] <... mount resumed>) = 0 [pid 6025] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6025] chdir("./file0") = 0 [pid 6025] ioctl(4, LOOP_CLR_FD) = 0 [pid 6025] close(4) = 0 [pid 6025] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6025] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6027] <... write resumed>) = 2097152 [pid 6025] <... open resumed>) = 5 [pid 6027] munmap(0x7fc0314e0000, 2097152 [ 228.479370][ T6029] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6025] ftruncate(5, 33587195 [pid 6027] <... munmap resumed>) = 0 [pid 6025] <... ftruncate resumed>) = 0 [pid 6027] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6025] sendfile(4, 5, NULL, 281474978811909 [pid 6027] <... openat resumed>) = 4 [pid 6027] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6027] close(3) = 0 [pid 6027] mkdir("./file0", 0777) = 0 [ 228.568301][ T6027] loop4: detected capacity change from 0 to 4096 [pid 6027] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6019] <... sendfile resumed>) = 1048576 [pid 6019] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6019] exit_group(0) = ? [pid 6019] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6019, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5067] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 228.676778][ T6027] NILFS (loop4): invalid segment: Checksum error in segment payload [ 228.698555][ T6027] NILFS (loop4): trying rollback from an earlier position [ 228.718386][ T6027] NILFS (loop4): recovery complete [pid 5067] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./78/binderfs") = 0 [pid 5067] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6027] <... mount resumed>) = 0 [pid 6027] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6027] chdir("./file0") = 0 [pid 6027] ioctl(4, LOOP_CLR_FD) = 0 [pid 6027] close(4) = 0 [pid 6027] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6027] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6027] ftruncate(5, 33587195) = 0 [ 228.775105][ T6030] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6027] sendfile(4, 5, NULL, 281474978811909 [pid 6020] <... sendfile resumed>) = 1048576 [pid 6020] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6020] exit_group(0) = ? [pid 6020] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6020, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] getdents64(3, [pid 5067] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] lstat("./78/file0", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] lstat("./77/binderfs", [pid 5067] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] unlink("./77/binderfs" [pid 5067] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... unlink resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5065] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./78/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./78") = 0 [pid 5067] mkdir("./79", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6031 ./strace-static-x86_64: Process 6031 attached [pid 6031] chdir("./79") = 0 [pid 6031] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6031] setpgid(0, 0) = 0 [pid 6031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6031] write(3, "1000", 4) = 4 [pid 6031] close(3) = 0 [pid 6031] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6031] memfd_create("syzkaller", 0) = 3 [pid 6031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6031] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./77/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./77") = 0 [pid 5065] mkdir("./78", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6032 [pid 6031] <... write resumed>) = 2097152 ./strace-static-x86_64: Process 6032 attached [pid 6031] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6031] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6031] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6032] chdir("./78") = 0 [pid 6031] close(3 [pid 6032] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6031] <... close resumed>) = 0 [pid 6032] <... prctl resumed>) = 0 [pid 6031] mkdir("./file0", 0777 [pid 6032] setpgid(0, 0 [pid 6031] <... mkdir resumed>) = 0 [pid 6032] <... setpgid resumed>) = 0 [pid 6031] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 229.247078][ T6031] loop3: detected capacity change from 0 to 4096 [pid 6032] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6032] write(3, "1000", 4) = 4 [pid 6032] close(3) = 0 [pid 6032] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6032] memfd_create("syzkaller", 0) = 3 [pid 6032] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 229.288599][ T6031] NILFS (loop3): invalid segment: Checksum error in segment payload [ 229.355849][ T6031] NILFS (loop3): trying rollback from an earlier position [pid 6032] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6022] <... sendfile resumed>) = 1048576 [pid 6022] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6032] <... write resumed>) = 2097152 [pid 6022] <... open resumed>) = -1 EFAULT (Bad address) [pid 6022] exit_group(0) = ? [pid 6022] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6022, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5069] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6032] munmap(0x7fc0314e0000, 2097152 [pid 5069] fstat(3, [pid 6032] <... munmap resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, [pid 6032] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6032] <... openat resumed>) = 4 [ 229.457518][ T6031] NILFS (loop3): recovery complete [pid 5069] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6032] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./79/binderfs") = 0 [pid 5069] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6032] <... ioctl resumed>) = 0 [pid 6032] close(3) = 0 [pid 6031] <... mount resumed>) = 0 [pid 6031] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6031] chdir("./file0") = 0 [pid 6031] ioctl(4, LOOP_CLR_FD) = 0 [pid 6032] mkdir("./file0", 0777 [pid 6031] close(4 [pid 6032] <... mkdir resumed>) = 0 [pid 6031] <... close resumed>) = 0 [pid 6024] <... sendfile resumed>) = 1048576 [pid 6032] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6031] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6024] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6031] <... open resumed>) = 4 [pid 6024] <... open resumed>) = -1 EFAULT (Bad address) [pid 6031] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6024] exit_group(0 [pid 6031] <... open resumed>) = 5 [pid 6024] <... exit_group resumed>) = ? [pid 6031] ftruncate(5, 33587195 [pid 6024] +++ exited with 0 +++ [pid 6031] <... ftruncate resumed>) = 0 [ 229.511455][ T6032] loop1: detected capacity change from 0 to 4096 [ 229.518685][ T6033] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6031] sendfile(4, 5, NULL, 281474978811909 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6024, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./78/binderfs") = 0 [pid 5066] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6025] <... sendfile resumed>) = 1048576 [pid 6025] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6025] exit_group(0) = ? [pid 6025] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6025, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5064] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./78/binderfs") = 0 [ 229.619046][ T6032] NILFS (loop1): invalid segment: Checksum error in segment payload [ 229.659138][ T6032] NILFS (loop1): trying rollback from an earlier position [pid 5064] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [ 229.725695][ T6032] NILFS (loop1): recovery complete [pid 5069] rmdir("./79/file0") = 0 [pid 5069] getdents64(3, [pid 6032] <... mount resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6032] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6027] <... sendfile resumed>) = 1048576 [pid 5069] close(3 [pid 6032] chdir("./file0" [pid 6027] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... close resumed>) = 0 [pid 6032] <... chdir resumed>) = 0 [pid 6027] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] rmdir("./79" [pid 6032] ioctl(4, LOOP_CLR_FD [pid 6027] exit_group(0 [pid 5069] <... rmdir resumed>) = 0 [pid 6032] <... ioctl resumed>) = 0 [pid 6027] <... exit_group resumed>) = ? [pid 5069] mkdir("./80", 0777 [pid 6032] close(4 [pid 6027] +++ exited with 0 +++ [pid 5069] <... mkdir resumed>) = 0 [pid 6032] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6032] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... openat resumed>) = 3 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6027, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6032] <... open resumed>) = 4 [pid 5068] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 6032] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6032] <... open resumed>) = 5 [pid 5069] close(3 [pid 5068] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6032] ftruncate(5, 33587195 [pid 5069] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5066] lstat("./78/file0", [pid 6032] <... ftruncate resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 229.779154][ T6034] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] fstat(3, [pid 6032] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6035 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./79/binderfs", [pid 5066] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./79/binderfs" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... unlink resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... openat resumed>) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./78/file0") = 0 [pid 5066] getdents64(3, ./strace-static-x86_64: Process 6035 attached [pid 6035] chdir("./80" [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./78") = 0 [pid 5066] mkdir("./79", 0777) = 0 [pid 6035] <... chdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6035] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] ioctl(3, LOOP_CLR_FD [pid 6035] <... prctl resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6035] setpgid(0, 0 [pid 5066] close(3 [pid 6035] <... setpgid resumed>) = 0 [pid 6035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... close resumed>) = 0 [pid 5064] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6035] <... openat resumed>) = 3 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6035] write(3, "1000", 4 [pid 5064] lstat("./78/file0", [pid 6035] <... write resumed>) = 4 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6036 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6035] close(3) = 0 [pid 5064] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6035] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6035] <... symlink resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6035] memfd_create("syzkaller", 0 [pid 5064] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6036 attached [pid 6035] <... memfd_create resumed>) = 3 [pid 5064] fstat(4, [pid 6036] chdir("./79" [pid 6035] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6036] <... chdir resumed>) = 0 [pid 6035] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./78/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 6036] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] rmdir("./78" [pid 6036] <... prctl resumed>) = 0 [pid 6035] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] mkdir("./79", 0777 [pid 6036] setpgid(0, 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 6036] <... setpgid resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6036] <... openat resumed>) = 3 [pid 6036] write(3, "1000", 4 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6037 [pid 6036] <... write resumed>) = 4 [pid 6036] close(3) = 0 [pid 6036] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6037 attached ) = 0 [pid 6037] chdir("./79" [pid 6036] memfd_create("syzkaller", 0 [pid 6037] <... chdir resumed>) = 0 [pid 6036] <... memfd_create resumed>) = 3 [pid 6037] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6037] <... prctl resumed>) = 0 [pid 6037] setpgid(0, 0) = 0 [pid 6037] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6036] <... mmap resumed>) = 0x7fc0314e0000 [pid 6037] <... openat resumed>) = 3 [pid 6037] write(3, "1000", 4) = 4 [pid 6037] close(3) = 0 [pid 6037] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6037] memfd_create("syzkaller", 0) = 3 [pid 6037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6036] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6035] <... write resumed>) = 2097152 [pid 6037] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6035] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6035] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6035] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... umount2 resumed>) = 0 [pid 6035] <... ioctl resumed>) = 0 [pid 6035] close(3) = 0 [pid 6035] mkdir("./file0", 0777 [pid 5068] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6035] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6035] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./79/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6036] <... write resumed>) = 2097152 [ 230.111842][ T6035] loop5: detected capacity change from 0 to 4096 [pid 5068] close(3) = 0 [pid 6037] <... write resumed>) = 2097152 [pid 6036] munmap(0x7fc0314e0000, 2097152 [pid 5068] rmdir("./79" [pid 6036] <... munmap resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 6036] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] mkdir("./80", 0777 [pid 6037] munmap(0x7fc0314e0000, 2097152 [pid 6036] <... openat resumed>) = 4 [pid 6037] <... munmap resumed>) = 0 [pid 6036] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... mkdir resumed>) = 0 [pid 6037] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6037] ioctl(4, LOOP_SET_FD, 3 [pid 6036] <... ioctl resumed>) = 0 [pid 6036] close(3 [ 230.170831][ T6035] NILFS (loop5): invalid segment: Checksum error in segment payload [ 230.188221][ T6035] NILFS (loop5): trying rollback from an earlier position [ 230.210819][ T6036] loop2: detected capacity change from 0 to 4096 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6036] <... close resumed>) = 0 [pid 6036] mkdir("./file0", 0777 [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6036] <... mkdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6036] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] close(3 [pid 6037] <... ioctl resumed>) = 0 [pid 6035] <... mount resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6037] close(3 [pid 6035] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6037] <... close resumed>) = 0 [pid 6035] <... openat resumed>) = 3 [pid 6037] mkdir("./file0", 0777 [pid 6035] chdir("./file0" [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6039 [pid 6037] <... mkdir resumed>) = 0 [pid 6035] <... chdir resumed>) = 0 [pid 6037] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6035] ioctl(4, LOOP_CLR_FD) = 0 [pid 6035] close(4) = 0 [pid 6035] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000./strace-static-x86_64: Process 6039 attached [pid 6039] chdir("./80" [pid 6035] <... open resumed>) = 4 [pid 6035] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 230.216040][ T6035] NILFS (loop5): recovery complete [ 230.218927][ T6037] loop0: detected capacity change from 0 to 4096 [ 230.252691][ T6038] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6035] ftruncate(5, 33587195 [pid 6039] <... chdir resumed>) = 0 [pid 6035] <... ftruncate resumed>) = 0 [pid 6039] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6035] sendfile(4, 5, NULL, 281474978811909 [pid 6039] <... prctl resumed>) = 0 [pid 6039] setpgid(0, 0) = 0 [pid 6039] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6039] write(3, "1000", 4) = 4 [pid 6039] close(3) = 0 [pid 6039] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6039] memfd_create("syzkaller", 0) = 3 [pid 6039] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 230.292867][ T6037] NILFS (loop0): invalid segment: Checksum error in segment payload [ 230.316720][ T6036] NILFS (loop2): invalid segment: Checksum error in segment payload [ 230.338915][ T6036] NILFS (loop2): trying rollback from an earlier position [ 230.347544][ T6037] NILFS (loop0): trying rollback from an earlier position [ 230.425120][ T6036] NILFS (loop2): recovery complete [pid 6039] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [ 230.445571][ T6037] NILFS (loop0): recovery complete [pid 6036] <... mount resumed>) = 0 [pid 6036] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6036] chdir("./file0") = 0 [pid 6037] <... mount resumed>) = 0 [pid 6036] ioctl(4, LOOP_CLR_FD [pid 6037] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6036] <... ioctl resumed>) = 0 [pid 6037] <... openat resumed>) = 3 [pid 6036] close(4 [pid 6037] chdir("./file0" [pid 6036] <... close resumed>) = 0 [pid 6037] <... chdir resumed>) = 0 [pid 6036] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6037] ioctl(4, LOOP_CLR_FD) = 0 [pid 6036] <... open resumed>) = 4 [pid 6037] close(4 [pid 6036] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6037] <... close resumed>) = 0 [pid 6037] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6036] <... open resumed>) = 5 [pid 6039] munmap(0x7fc0314e0000, 2097152 [pid 6037] <... open resumed>) = 4 [pid 6036] ftruncate(5, 33587195 [pid 6039] <... munmap resumed>) = 0 [pid 6037] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6036] <... ftruncate resumed>) = 0 [pid 6039] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6037] <... open resumed>) = 5 [pid 6036] sendfile(4, 5, NULL, 281474978811909 [pid 6039] <... openat resumed>) = 4 [pid 6037] ftruncate(5, 33587195 [pid 6039] ioctl(4, LOOP_SET_FD, 3 [pid 6037] <... ftruncate resumed>) = 0 [ 230.475556][ T6040] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 230.490306][ T6041] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6037] sendfile(4, 5, NULL, 281474978811909 [pid 6039] <... ioctl resumed>) = 0 [pid 6039] close(3) = 0 [pid 6039] mkdir("./file0", 0777) = 0 [ 230.541835][ T6039] loop4: detected capacity change from 0 to 4096 [pid 6039] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6031] <... sendfile resumed>) = 1048576 [pid 6031] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6031] exit_group(0) = ? [pid 6031] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6031, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [ 230.658250][ T6039] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5067] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./79/binderfs") = 0 [ 230.705418][ T6039] NILFS (loop4): trying rollback from an earlier position [ 230.816844][ T6039] NILFS (loop4): recovery complete [pid 5067] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6039] <... mount resumed>) = 0 [pid 6039] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6039] chdir("./file0") = 0 [pid 6039] ioctl(4, LOOP_CLR_FD) = 0 [pid 6039] close(4) = 0 [pid 6039] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6039] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6039] ftruncate(5, 33587195) = 0 [ 230.860089][ T6042] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6039] sendfile(4, 5, NULL, 281474978811909 [pid 6032] <... sendfile resumed>) = 1048576 [pid 6032] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6032] exit_group(0) = ? [pid 6032] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6032, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5065] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] lstat("./79/file0", [pid 5065] <... openat resumed>) = 3 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] fstat(3, [pid 5067] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] getdents64(3, [pid 5067] <... openat resumed>) = 4 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] fstat(4, [pid 5065] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] getdents64(4, [pid 5065] lstat("./78/binderfs", [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] getdents64(4, [pid 5065] unlink("./78/binderfs" [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5065] <... unlink resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5065] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] rmdir("./79/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./79") = 0 [pid 5067] mkdir("./80", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6043 ./strace-static-x86_64: Process 6043 attached [pid 6043] chdir("./80") = 0 [pid 6043] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6043] setpgid(0, 0) = 0 [pid 6043] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6043] write(3, "1000", 4) = 4 [pid 6043] close(3) = 0 [pid 6043] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6043] memfd_create("syzkaller", 0) = 3 [pid 6043] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6043] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6035] <... sendfile resumed>) = 1048576 [pid 5065] lstat("./78/file0", [pid 6035] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6035] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6035] exit_group(0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6035] <... exit_group resumed>) = ? [pid 5065] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6035] +++ exited with 0 +++ [pid 5065] <... openat resumed>) = 4 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6035, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] rmdir("./78/file0" [pid 6043] <... write resumed>) = 2097152 [pid 5069] <... openat resumed>) = 3 [pid 5065] <... rmdir resumed>) = 0 [pid 6043] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6043] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6043] ioctl(4, LOOP_SET_FD, 3 [pid 5069] fstat(3, [pid 5065] getdents64(3, [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] close(3 [pid 5069] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./80/binderfs", [pid 5065] rmdir("./78" [pid 6043] <... ioctl resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6043] close(3) = 0 [pid 6043] mkdir("./file0", 0777 [pid 5069] unlink("./80/binderfs" [pid 5065] <... rmdir resumed>) = 0 [pid 6043] <... mkdir resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 6043] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] mkdir("./79", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6044 attached [pid 6044] chdir("./79" [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6044 [pid 6044] <... chdir resumed>) = 0 [pid 6044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6044] setpgid(0, 0) = 0 [pid 6044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6044] write(3, "1000", 4) = 4 [pid 6044] close(3) = 0 [pid 6044] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6044] memfd_create("syzkaller", 0) = 3 [ 231.365323][ T6043] loop3: detected capacity change from 0 to 4096 [ 231.388162][ T6043] NILFS (loop3): invalid segment: Checksum error in segment payload [ 231.401801][ T6043] NILFS (loop3): trying rollback from an earlier position [pid 6044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6044] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6044] <... write resumed>) = 2097152 [pid 5069] lstat("./80/file0", [pid 6044] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6044] <... munmap resumed>) = 0 [ 231.526447][ T6043] NILFS (loop3): recovery complete [pid 5069] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6044] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6043] <... mount resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6044] <... openat resumed>) = 4 [pid 6043] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6044] ioctl(4, LOOP_SET_FD, 3 [pid 6043] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 6043] chdir("./file0" [pid 5069] rmdir("./80/file0" [pid 6044] <... ioctl resumed>) = 0 [pid 6043] <... chdir resumed>) = 0 [pid 6037] <... sendfile resumed>) = 1048576 [pid 6036] <... sendfile resumed>) = 1048576 [pid 5069] <... rmdir resumed>) = 0 [pid 6044] close(3 [pid 6043] ioctl(4, LOOP_CLR_FD [pid 6037] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] getdents64(3, [pid 6044] <... close resumed>) = 0 [pid 6043] <... ioctl resumed>) = 0 [pid 6037] <... open resumed>) = -1 EFAULT (Bad address) [pid 6036] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6044] mkdir("./file0", 0777 [pid 6043] close(4 [pid 6037] exit_group(0 [pid 6036] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] close(3 [pid 6044] <... mkdir resumed>) = 0 [pid 6043] <... close resumed>) = 0 [pid 6037] <... exit_group resumed>) = ? [pid 6036] exit_group(0 [pid 5069] <... close resumed>) = 0 [pid 6044] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6043] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6037] +++ exited with 0 +++ [pid 6036] <... exit_group resumed>) = ? [ 231.549265][ T6045] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 231.579508][ T6044] loop1: detected capacity change from 0 to 4096 [pid 5069] rmdir("./80" [pid 6043] <... open resumed>) = 4 [pid 6036] +++ exited with 0 +++ [pid 5069] <... rmdir resumed>) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6037, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6043] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] mkdir("./81", 0777 [pid 6043] <... open resumed>) = 5 [pid 5069] <... mkdir resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6036, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} --- [pid 6043] ftruncate(5, 33587195 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6043] <... ftruncate resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6043] sendfile(4, 5, NULL, 281474978811909 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... openat resumed>) = 3 [pid 5064] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(3 [pid 5066] fstat(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] getdents64(3, [pid 5064] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] fstat(3, [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6046 [pid 5066] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] getdents64(3, [pid 5066] lstat("./79/binderfs", [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] unlink("./79/binderfs" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6046 attached [pid 5066] <... unlink resumed>) = 0 [pid 5064] lstat("./79/binderfs", [pid 6046] chdir("./81" [pid 5066] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6046] <... chdir resumed>) = 0 [pid 5064] unlink("./79/binderfs" [pid 6046] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... unlink resumed>) = 0 [pid 6046] <... prctl resumed>) = 0 [pid 5064] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6046] setpgid(0, 0) = 0 [pid 6046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6046] write(3, "1000", 4) = 4 [pid 6046] close(3) = 0 [ 231.640855][ T6044] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 6046] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6046] memfd_create("syzkaller", 0) = 3 [pid 6046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 231.716289][ T6044] NILFS (loop1): trying rollback from an earlier position [pid 6046] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6039] <... sendfile resumed>) = 1048576 [pid 6039] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6039] exit_group(0) = ? [pid 6039] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6039, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5068] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 231.774225][ T6044] NILFS (loop1): recovery complete [pid 5068] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6044] <... mount resumed>) = 0 [pid 5068] fstat(3, [pid 6044] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6044] <... openat resumed>) = 3 [pid 5068] getdents64(3, [pid 6044] chdir("./file0" [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6044] <... chdir resumed>) = 0 [pid 5068] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 6044] ioctl(4, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6044] <... ioctl resumed>) = 0 [pid 5068] lstat("./80/binderfs", [pid 6044] close(4 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6044] <... close resumed>) = 0 [pid 5068] unlink("./80/binderfs" [pid 5066] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6044] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... unlink resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6044] <... open resumed>) = 4 [pid 5068] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] lstat("./79/file0", [pid 6046] <... write resumed>) = 2097152 [pid 6044] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6046] munmap(0x7fc0314e0000, 2097152 [pid 6044] <... open resumed>) = 5 [pid 5066] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6046] <... munmap resumed>) = 0 [pid 6044] ftruncate(5, 33587195 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6046] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6044] <... ftruncate resumed>) = 0 [ 231.831010][ T6047] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6046] <... openat resumed>) = 4 [pid 6044] sendfile(4, 5, NULL, 281474978811909 [pid 5066] <... openat resumed>) = 4 [pid 6046] ioctl(4, LOOP_SET_FD, 3 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./79/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./79") = 0 [pid 5066] mkdir("./80", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 6046] <... ioctl resumed>) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 6046] close(3 [pid 5066] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6046] <... close resumed>) = 0 [pid 5064] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 231.910550][ T6046] loop5: detected capacity change from 0 to 4096 [pid 5064] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6046] mkdir("./file0", 0777 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] getdents64(4, [pid 6046] <... mkdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6046] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] close(4 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6048 [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./79/file0") = 0 [pid 5064] getdents64(3, ./strace-static-x86_64: Process 6048 attached 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6048] chdir("./80" [pid 5064] close(3 [pid 6048] <... chdir resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6048] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] rmdir("./79" [pid 6048] <... prctl resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 6048] setpgid(0, 0 [pid 5064] mkdir("./80", 0777 [pid 6048] <... setpgid resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 6048] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6048] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 6048] write(3, "1000", 4 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6048] <... write resumed>) = 4 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6048] close(3 [pid 5064] close(3 [pid 6048] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6048] symlink("/dev/binderfs", "./binderfs" [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6048] <... symlink resumed>) = 0 [pid 6048] memfd_create("syzkaller", 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6049 [ 232.007525][ T6046] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 6048] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 6049 attached [pid 6048] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6049] chdir("./80" [pid 6048] <... mmap resumed>) = 0x7fc0314e0000 [pid 6049] <... chdir resumed>) = 0 [pid 6049] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6049] setpgid(0, 0) = 0 [pid 6049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6049] write(3, "1000", 4) = 4 [pid 6049] close(3) = 0 [pid 6049] symlink("/dev/binderfs", "./binderfs" [pid 6048] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6049] <... symlink resumed>) = 0 [pid 6049] memfd_create("syzkaller", 0) = 3 [pid 6049] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6049] <... mmap resumed>) = 0x7fc0314e0000 [ 232.056447][ T6046] NILFS (loop5): trying rollback from an earlier position [pid 5068] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6049] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, [pid 6046] <... mount resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6046] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] getdents64(4, [pid 6049] <... write resumed>) = 2097152 [pid 6046] <... openat resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6049] munmap(0x7fc0314e0000, 2097152 [pid 6048] <... write resumed>) = 2097152 [pid 6046] chdir("./file0" [pid 5068] close(4 [pid 6049] <... munmap resumed>) = 0 [pid 6048] munmap(0x7fc0314e0000, 2097152 [pid 6046] <... chdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6049] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6048] <... munmap resumed>) = 0 [pid 6049] <... openat resumed>) = 4 [pid 6046] ioctl(4, LOOP_CLR_FD [pid 5068] rmdir("./80/file0" [pid 6049] ioctl(4, LOOP_SET_FD, 3 [pid 6048] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6046] <... ioctl resumed>) = 0 [pid 6048] <... openat resumed>) = 4 [ 232.128137][ T6046] NILFS (loop5): recovery complete [ 232.145748][ T6050] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6046] close(4 [pid 5068] <... rmdir resumed>) = 0 [pid 6049] <... ioctl resumed>) = 0 [pid 6048] ioctl(4, LOOP_SET_FD, 3 [pid 6046] <... close resumed>) = 0 [pid 6049] close(3 [pid 6048] <... ioctl resumed>) = 0 [pid 6046] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] getdents64(3, [pid 6049] <... close resumed>) = 0 [pid 6048] close(3 [pid 6046] <... open resumed>) = 4 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6049] mkdir("./file0", 0777 [pid 6048] <... close resumed>) = 0 [pid 6046] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] close(3 [pid 6046] <... open resumed>) = 5 [pid 5068] <... close resumed>) = 0 [pid 6049] <... mkdir resumed>) = 0 [pid 6048] mkdir("./file0", 0777 [pid 6046] ftruncate(5, 33587195 [pid 5068] rmdir("./80" [pid 6049] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6046] <... ftruncate resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 6048] <... mkdir resumed>) = 0 [pid 6046] sendfile(4, 5, NULL, 281474978811909 [pid 5068] mkdir("./81", 0777) = 0 [pid 6048] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 232.195148][ T6049] loop0: detected capacity change from 0 to 4096 [ 232.218620][ T6048] loop2: detected capacity change from 0 to 4096 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6051 ./strace-static-x86_64: Process 6051 attached [ 232.273703][ T6048] NILFS (loop2): invalid segment: Checksum error in segment payload [ 232.289263][ T6049] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6051] chdir("./81") = 0 [pid 6051] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6051] setpgid(0, 0) = 0 [pid 6051] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6051] write(3, "1000", 4) = 4 [pid 6051] close(3) = 0 [pid 6051] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6051] memfd_create("syzkaller", 0) = 3 [pid 6051] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 232.331034][ T6049] NILFS (loop0): trying rollback from an earlier position [ 232.349795][ T6048] NILFS (loop2): trying rollback from an earlier position [ 232.417195][ T6048] NILFS (loop2): recovery complete [ 232.440428][ T6049] NILFS (loop0): recovery complete [pid 6051] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6049] <... mount resumed>) = 0 [pid 6049] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6049] chdir("./file0") = 0 [pid 6049] ioctl(4, LOOP_CLR_FD [pid 6048] <... mount resumed>) = 0 [pid 6049] <... ioctl resumed>) = 0 [pid 6048] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6049] close(4) = 0 [pid 6048] <... openat resumed>) = 3 [pid 6049] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6048] chdir("./file0" [pid 6049] <... open resumed>) = 4 [pid 6048] <... chdir resumed>) = 0 [pid 6049] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6048] ioctl(4, LOOP_CLR_FD [pid 6049] <... open resumed>) = 5 [pid 6048] <... ioctl resumed>) = 0 [pid 6051] <... write resumed>) = 2097152 [ 232.463632][ T6053] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 232.468384][ T6052] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6049] ftruncate(5, 33587195 [pid 6048] close(4 [pid 6049] <... ftruncate resumed>) = 0 [pid 6048] <... close resumed>) = 0 [pid 6049] sendfile(4, 5, NULL, 281474978811909 [pid 6048] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6051] munmap(0x7fc0314e0000, 2097152 [pid 6048] <... open resumed>) = 4 [pid 6048] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6048] ftruncate(5, 33587195) = 0 [pid 6051] <... munmap resumed>) = 0 [pid 6048] sendfile(4, 5, NULL, 281474978811909 [pid 6051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6051] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6051] close(3) = 0 [ 232.582207][ T6051] loop4: detected capacity change from 0 to 4096 [pid 6051] mkdir("./file0", 0777) = 0 [pid 6051] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6043] <... sendfile resumed>) = 1048576 [pid 6043] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6043] exit_group(0) = ? [ 232.694400][ T6051] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6043] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6043, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5067] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./80/binderfs") = 0 [ 232.755865][ T6051] NILFS (loop4): trying rollback from an earlier position [ 232.827943][ T6051] NILFS (loop4): recovery complete [pid 5067] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6051] <... mount resumed>) = 0 [pid 6051] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6051] chdir("./file0") = 0 [pid 6051] ioctl(4, LOOP_CLR_FD) = 0 [pid 6051] close(4) = 0 [pid 6051] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6051] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6051] ftruncate(5, 33587195) = 0 [ 232.880312][ T6054] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6051] sendfile(4, 5, NULL, 281474978811909 [pid 6044] <... sendfile resumed>) = 1048576 [pid 6044] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6044] exit_group(0) = ? [pid 6044] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6044, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./79/binderfs") = 0 [pid 5065] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./80/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./80") = 0 [pid 5067] mkdir("./81", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6055 ./strace-static-x86_64: Process 6055 attached [pid 6055] chdir("./81") = 0 [pid 6055] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6055] setpgid(0, 0) = 0 [pid 6055] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6055] write(3, "1000", 4) = 4 [pid 6055] close(3) = 0 [pid 6055] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6055] memfd_create("syzkaller", 0) = 3 [pid 6055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6055] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = 0 [pid 6046] <... sendfile resumed>) = 1048576 [pid 5065] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./79/file0", [pid 6046] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6046] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6046] exit_group(0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6046] <... exit_group resumed>) = ? [pid 5065] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6046] +++ exited with 0 +++ [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6046, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5065] getdents64(4, [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4 [pid 5069] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./79/file0" [pid 5069] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... rmdir resumed>) = 0 [pid 6055] <... write resumed>) = 2097152 [pid 5069] <... openat resumed>) = 3 [pid 5065] getdents64(3, [pid 5069] fstat(3, [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(3 [pid 5069] getdents64(3, [pid 5065] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] rmdir("./79" [pid 6055] munmap(0x7fc0314e0000, 2097152 [pid 5069] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... rmdir resumed>) = 0 [pid 6055] <... munmap resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] mkdir("./80", 0777 [pid 6055] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] lstat("./81/binderfs", [pid 5065] <... mkdir resumed>) = 0 [pid 6055] <... openat resumed>) = 4 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6055] ioctl(4, LOOP_SET_FD, 3 [pid 5069] unlink("./81/binderfs" [pid 5065] <... openat resumed>) = 3 [pid 6055] <... ioctl resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6055] close(3 [pid 5069] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6055] <... close resumed>) = 0 [pid 5065] close(3 [pid 6055] mkdir("./file0", 0777 [pid 5065] <... close resumed>) = 0 [pid 6055] <... mkdir resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6055] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6056 [ 233.405884][ T6055] loop3: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6056 attached [pid 6056] chdir("./80") = 0 [pid 6056] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6056] setpgid(0, 0) = 0 [pid 6056] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6056] write(3, "1000", 4) = 4 [pid 6056] close(3) = 0 [pid 6056] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6056] memfd_create("syzkaller", 0) = 3 [pid 6056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 233.489489][ T6055] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6048] <... sendfile resumed>) = 1048576 [pid 6049] <... sendfile resumed>) = 1048576 [pid 6048] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6049] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6048] <... open resumed>) = -1 EFAULT (Bad address) [pid 6056] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6049] <... open resumed>) = -1 EFAULT (Bad address) [pid 6048] exit_group(0 [pid 6049] exit_group(0 [pid 6048] <... exit_group resumed>) = ? [pid 6049] <... exit_group resumed>) = ? [pid 6049] +++ exited with 0 +++ [pid 6048] +++ exited with 0 +++ [pid 5069] <... umount2 resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6048, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6049, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5066] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 5066] fstat(3, [pid 5064] fstat(3, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6056] <... write resumed>) = 2097152 [pid 5069] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(3, [pid 5064] getdents64(3, [pid 6056] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6056] <... munmap resumed>) = 0 [pid 5069] lstat("./81/file0", [pid 5066] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6056] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 233.537046][ T6055] NILFS (loop3): trying rollback from an earlier position [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6056] <... openat resumed>) = 4 [pid 5069] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] lstat("./80/binderfs", [pid 5064] lstat("./80/binderfs", [pid 6056] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./80/binderfs" [pid 5064] unlink("./80/binderfs" [pid 5066] <... unlink resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5066] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6056] <... ioctl resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6056] close(3) = 0 [pid 5069] getdents64(4, [pid 6056] mkdir("./file0", 0777) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6056] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] getdents64(4, [pid 6055] <... mount resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [ 233.609820][ T6055] NILFS (loop3): recovery complete [ 233.626391][ T6056] loop1: detected capacity change from 0 to 4096 [ 233.649340][ T6057] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6055] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] close(4 [pid 6055] <... openat resumed>) = 3 [pid 5069] <... close resumed>) = 0 [pid 6055] chdir("./file0" [pid 5069] rmdir("./81/file0" [pid 6055] <... chdir resumed>) = 0 [pid 6055] ioctl(4, LOOP_CLR_FD [pid 5069] <... rmdir resumed>) = 0 [pid 6055] <... ioctl resumed>) = 0 [pid 5069] getdents64(3, [pid 6055] close(4 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6055] <... close resumed>) = 0 [pid 5069] close(3 [pid 6055] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./81") = 0 [pid 6055] <... open resumed>) = 4 [pid 5069] mkdir("./82", 0777 [pid 6055] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... mkdir resumed>) = 0 [pid 6055] <... open resumed>) = 5 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6055] ftruncate(5, 33587195 [pid 5069] <... openat resumed>) = 3 [pid 6055] <... ftruncate resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6055] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6058 [ 233.679912][ T6056] NILFS (loop1): invalid segment: Checksum error in segment payload ./strace-static-x86_64: Process 6058 attached [pid 6058] chdir("./82") = 0 [pid 6058] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6058] setpgid(0, 0) = 0 [pid 6058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6058] write(3, "1000", 4) = 4 [pid 6058] close(3) = 0 [pid 6058] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6058] memfd_create("syzkaller", 0 [pid 5066] <... umount2 resumed>) = 0 [pid 6058] <... memfd_create resumed>) = 3 [ 233.726693][ T6056] NILFS (loop1): trying rollback from an earlier position [pid 6058] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5064] <... umount2 resumed>) = 0 [pid 6058] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./80/file0", [pid 5064] lstat("./80/file0", [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... openat resumed>) = 4 [pid 5064] <... openat resumed>) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] fstat(4, [pid 5066] getdents64(4, [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5066] close(4 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./80/file0" [pid 5064] close(4 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5064] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5064] rmdir("./80/file0" [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./80" [pid 5064] <... rmdir resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, [pid 5066] mkdir("./81", 0777 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [ 233.866005][ T6056] NILFS (loop1): recovery complete [pid 5066] <... mkdir resumed>) = 0 [pid 5064] close(3 [pid 6056] <... mount resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6056] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] <... openat resumed>) = 3 [pid 5064] <... close resumed>) = 0 [pid 6056] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 6058] <... write resumed>) = 2097152 [pid 6056] chdir("./file0" [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] rmdir("./80" [pid 6056] <... chdir resumed>) = 0 [pid 5066] close(3 [pid 6056] ioctl(4, LOOP_CLR_FD [pid 5064] <... rmdir resumed>) = 0 [pid 6058] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... close resumed>) = 0 [pid 6056] <... ioctl resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] mkdir("./81", 0777 [pid 6056] close(4) = 0 [pid 6058] <... munmap resumed>) = 0 [pid 6056] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6060 [pid 5064] <... mkdir resumed>) = 0 [pid 6058] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6056] <... open resumed>) = 4 ./strace-static-x86_64: Process 6060 attached [pid 6058] <... openat resumed>) = 4 [pid 6056] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6060] chdir("./81" [pid 6058] ioctl(4, LOOP_SET_FD, 3 [pid 6056] <... open resumed>) = 5 [ 233.903642][ T6059] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] <... openat resumed>) = 3 [pid 6060] <... chdir resumed>) = 0 [pid 6056] ftruncate(5, 33587195 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6060] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6058] <... ioctl resumed>) = 0 [pid 6056] <... ftruncate resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6060] <... prctl resumed>) = 0 [pid 6058] close(3 [pid 6056] sendfile(4, 5, NULL, 281474978811909 [pid 5064] close(3 [pid 6060] setpgid(0, 0 [pid 6058] <... close resumed>) = 0 [pid 6060] <... setpgid resumed>) = 0 [pid 6058] mkdir("./file0", 0777 [pid 5064] <... close resumed>) = 0 [pid 6060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6058] <... mkdir resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6060] <... openat resumed>) = 3 [pid 6058] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6060] write(3, "1000", 4) = 4 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6061 [pid 6060] close(3) = 0 [pid 6060] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6060] memfd_create("syzkaller", 0) = 3 [pid 6060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 233.964038][ T6058] loop5: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6061 attached [pid 6061] chdir("./81") = 0 [pid 6061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6061] setpgid(0, 0) = 0 [pid 6061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6061] write(3, "1000", 4) = 4 [pid 6061] close(3) = 0 [pid 6061] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6061] memfd_create("syzkaller", 0) = 3 [pid 6061] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6061] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6051] <... sendfile resumed>) = 1048576 [ 234.059691][ T6058] NILFS (loop5): invalid segment: Checksum error in segment payload [ 234.092875][ T6058] NILFS (loop5): trying rollback from an earlier position [pid 6051] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6051] exit_group(0) = ? [pid 6051] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6051, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5068] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./81/binderfs") = 0 [ 234.158395][ T6058] NILFS (loop5): recovery complete [pid 5068] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6058] <... mount resumed>) = 0 [pid 6060] <... write resumed>) = 2097152 [pid 6058] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6060] munmap(0x7fc0314e0000, 2097152 [pid 6058] <... openat resumed>) = 3 [pid 6060] <... munmap resumed>) = 0 [pid 6058] chdir("./file0" [pid 6060] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6058] <... chdir resumed>) = 0 [pid 6061] <... write resumed>) = 2097152 [pid 6060] <... openat resumed>) = 4 [pid 6058] ioctl(4, LOOP_CLR_FD [pid 6061] munmap(0x7fc0314e0000, 2097152 [pid 6060] ioctl(4, LOOP_SET_FD, 3 [pid 6058] <... ioctl resumed>) = 0 [ 234.184370][ T6062] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6058] close(4) = 0 [pid 6061] <... munmap resumed>) = 0 [pid 6058] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6061] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6060] <... ioctl resumed>) = 0 [pid 6058] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6061] <... openat resumed>) = 4 [pid 6060] close(3 [pid 6058] <... open resumed>) = 5 [pid 6058] ftruncate(5, 33587195 [pid 6061] ioctl(4, LOOP_SET_FD, 3 [pid 6058] <... ftruncate resumed>) = 0 [pid 6058] sendfile(4, 5, NULL, 281474978811909 [pid 6061] <... ioctl resumed>) = 0 [pid 6060] <... close resumed>) = 0 [pid 6060] mkdir("./file0", 0777) = 0 [pid 6061] close(3 [pid 6060] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6061] <... close resumed>) = 0 [ 234.225244][ T6060] loop2: detected capacity change from 0 to 4096 [ 234.248599][ T6061] loop0: detected capacity change from 0 to 4096 [pid 6061] mkdir("./file0", 0777) = 0 [ 234.290394][ T6060] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6061] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [ 234.333855][ T6061] NILFS (loop0): invalid segment: Checksum error in segment payload [ 234.353367][ T6060] NILFS (loop2): trying rollback from an earlier position [ 234.362305][ T6061] NILFS (loop0): trying rollback from an earlier position [pid 5068] close(4) = 0 [pid 5068] rmdir("./81/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./81") = 0 [pid 5068] mkdir("./82", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6064 [ 234.422288][ T6060] NILFS (loop2): recovery complete [ 234.440149][ T6061] NILFS (loop0): recovery complete [pid 6060] <... mount resumed>) = 0 [pid 6060] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6060] chdir("./file0") = 0 [pid 6060] ioctl(4, LOOP_CLR_FD) = 0 [pid 6060] close(4) = 0 [pid 6060] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6060] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6060] ftruncate(5, 33587195) = 0 [pid 6060] sendfile(4, 5, NULL, 281474978811909./strace-static-x86_64: Process 6064 attached [pid 6061] <... mount resumed>) = 0 [pid 6064] chdir("./82") = 0 [pid 6064] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6061] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6064] <... prctl resumed>) = 0 [pid 6061] <... openat resumed>) = 3 [pid 6064] setpgid(0, 0 [pid 6061] chdir("./file0" [pid 6064] <... setpgid resumed>) = 0 [pid 6064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6064] write(3, "1000", 4) = 4 [pid 6064] close(3) = 0 [pid 6064] symlink("/dev/binderfs", "./binderfs") = 0 [ 234.471379][ T6063] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 234.499849][ T6065] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6064] memfd_create("syzkaller", 0 [pid 6061] <... chdir resumed>) = 0 [pid 6064] <... memfd_create resumed>) = 3 [pid 6061] ioctl(4, LOOP_CLR_FD [pid 6064] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6061] <... ioctl resumed>) = 0 [pid 6064] <... mmap resumed>) = 0x7fc0314e0000 [pid 6061] close(4) = 0 [pid 6061] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6061] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6061] ftruncate(5, 33587195) = 0 [pid 6061] sendfile(4, 5, NULL, 281474978811909 [pid 6064] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6064] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6064] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6064] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6064] close(3) = 0 [pid 6064] mkdir("./file0", 0777) = 0 [pid 6064] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 234.777905][ T6064] loop4: detected capacity change from 0 to 4096 [pid 6055] <... sendfile resumed>) = 1048576 [pid 6055] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6055] exit_group(0) = ? [pid 6055] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6055, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./81/binderfs") = 0 [ 234.858919][ T6064] NILFS (loop4): invalid segment: Checksum error in segment payload [ 234.925224][ T6064] NILFS (loop4): trying rollback from an earlier position [pid 5067] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6064] <... mount resumed>) = 0 [pid 6064] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6064] chdir("./file0") = 0 [pid 6064] ioctl(4, LOOP_CLR_FD) = 0 [pid 6064] close(4) = 0 [pid 6064] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 235.002040][ T6064] NILFS (loop4): recovery complete [pid 6064] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6064] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = 0 [pid 6064] <... ftruncate resumed>) = 0 [pid 6064] sendfile(4, 5, NULL, 281474978811909 [pid 5067] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./81/file0") = 0 [ 235.054183][ T6066] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./81") = 0 [pid 5067] mkdir("./82", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6067 ./strace-static-x86_64: Process 6067 attached [pid 6056] <... sendfile resumed>) = 1048576 [pid 6067] chdir("./82" [pid 6056] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6067] <... chdir resumed>) = 0 [pid 6067] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6056] <... open resumed>) = -1 EFAULT (Bad address) [pid 6067] <... prctl resumed>) = 0 [pid 6067] setpgid(0, 0 [pid 6056] exit_group(0 [pid 6067] <... setpgid resumed>) = 0 [pid 6056] <... exit_group resumed>) = ? [pid 6067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6056] +++ exited with 0 +++ [pid 6067] <... openat resumed>) = 3 [pid 6067] write(3, "1000", 4) = 4 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6056, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 6067] close(3) = 0 [pid 6067] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5065] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6067] memfd_create("syzkaller", 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6067] <... memfd_create resumed>) = 3 [pid 5065] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./80/binderfs") = 0 [pid 5065] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6058] <... sendfile resumed>) = 1048576 [pid 6058] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6058] exit_group(0) = ? [pid 6058] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6058, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5069] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./82/binderfs") = 0 [pid 5069] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6067] <... write resumed>) = 2097152 [pid 6067] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6067] ioctl(4, LOOP_SET_FD, 3 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, [pid 6067] <... ioctl resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6067] close(3 [pid 5065] getdents64(4, [pid 6067] <... close resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6067] mkdir("./file0", 0777 [pid 5065] close(4 [pid 6067] <... mkdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [ 235.437900][ T6067] loop3: detected capacity change from 0 to 4096 [pid 6067] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] rmdir("./80/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./80") = 0 [pid 5065] mkdir("./81", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3 [pid 6060] <... sendfile resumed>) = 1048576 [pid 5069] <... umount2 resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6068 [pid 6060] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6060] <... open resumed>) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 6068 attached [pid 6068] chdir("./81" [pid 6060] exit_group(0 [pid 5069] lstat("./82/file0", [pid 6068] <... chdir resumed>) = 0 [pid 6060] <... exit_group resumed>) = ? [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6068] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6068] setpgid(0, 0) = 0 [pid 6068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6068] write(3, "1000", 4) = 4 [pid 6068] close(3) = 0 [pid 6068] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6068] memfd_create("syzkaller", 0) = 3 [pid 6068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6060] +++ exited with 0 +++ [pid 5069] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6060, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 4 [pid 5066] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] fstat(4, [pid 5066] <... openat resumed>) = 3 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] fstat(3, [pid 5069] getdents64(4, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(3, [pid 5069] getdents64(4, [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5066] lstat("./81/binderfs", [pid 5069] rmdir("./82/file0" [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./81/binderfs" [pid 5069] <... rmdir resumed>) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5069] getdents64(3, [pid 5066] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [ 235.544678][ T6067] NILFS (loop3): invalid segment: Checksum error in segment payload [ 235.552879][ T6067] NILFS (loop3): trying rollback from an earlier position [pid 6068] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] close(3) = 0 [pid 5069] rmdir("./82") = 0 [pid 5069] mkdir("./83", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6070 [ 235.620255][ T6067] NILFS (loop3): recovery complete [pid 6067] <... mount resumed>) = 0 [pid 6067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6067] chdir("./file0") = 0 [pid 6067] ioctl(4, LOOP_CLR_FD) = 0 [pid 6067] close(4) = 0 [pid 6067] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6067] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6067] ftruncate(5, 33587195) = 0 [pid 6067] sendfile(4, 5, NULL, 281474978811909./strace-static-x86_64: Process 6070 attached [pid 6070] chdir("./83" [pid 6068] <... write resumed>) = 2097152 [pid 6070] <... chdir resumed>) = 0 [pid 6070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6070] setpgid(0, 0 [pid 6068] munmap(0x7fc0314e0000, 2097152 [pid 6070] <... setpgid resumed>) = 0 [pid 6070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6068] <... munmap resumed>) = 0 [pid 6070] <... openat resumed>) = 3 [pid 6070] write(3, "1000", 4) = 4 [pid 6070] close(3) = 0 [ 235.655868][ T6069] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6070] symlink("/dev/binderfs", "./binderfs" [pid 6068] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6070] <... symlink resumed>) = 0 [pid 6068] <... openat resumed>) = 4 [pid 6070] memfd_create("syzkaller", 0 [pid 6068] ioctl(4, LOOP_SET_FD, 3 [pid 6070] <... memfd_create resumed>) = 3 [pid 6070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6068] <... ioctl resumed>) = 0 [pid 6068] close(3) = 0 [pid 6068] mkdir("./file0", 0777) = 0 [pid 6068] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6061] <... sendfile resumed>) = 1048576 [pid 6061] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6061] exit_group(0) = ? [pid 6061] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6061, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [ 235.732311][ T6068] loop1: detected capacity change from 0 to 4096 [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5064] getdents64(3, [pid 6070] <... write resumed>) = 2097152 [pid 5066] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6070] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6070] <... munmap resumed>) = 0 [pid 5066] lstat("./81/file0", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6070] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] lstat("./81/binderfs", [pid 6070] <... openat resumed>) = 4 [pid 5066] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6070] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] unlink("./81/binderfs" [pid 6070] <... ioctl resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... unlink resumed>) = 0 [pid 5066] <... openat resumed>) = 4 [pid 5064] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 235.846895][ T6068] NILFS (loop1): invalid segment: Checksum error in segment payload [ 235.854973][ T6068] NILFS (loop1): trying rollback from an earlier position [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./81/file0" [pid 6070] close(3 [pid 5066] <... rmdir resumed>) = 0 [pid 6070] <... close resumed>) = 0 [pid 5066] getdents64(3, [pid 6070] mkdir("./file0", 0777 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 6070] <... mkdir resumed>) = 0 [pid 6070] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./81") = 0 [pid 5066] mkdir("./82", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6071 ./strace-static-x86_64: Process 6071 attached [pid 6071] chdir("./82") = 0 [pid 6071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 235.888149][ T6070] loop5: detected capacity change from 0 to 4096 [pid 6071] setpgid(0, 0) = 0 [pid 6071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6071] write(3, "1000", 4) = 4 [pid 6071] close(3) = 0 [pid 6071] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6071] memfd_create("syzkaller", 0) = 3 [pid 6071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 235.973496][ T6070] NILFS (loop5): invalid segment: Checksum error in segment payload [ 235.982622][ T6068] NILFS (loop1): recovery complete [pid 6068] <... mount resumed>) = 0 [pid 6068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6068] chdir("./file0") = 0 [pid 6068] ioctl(4, LOOP_CLR_FD) = 0 [pid 6068] close(4 [pid 6071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6068] <... close resumed>) = 0 [pid 6064] <... sendfile resumed>) = 1048576 [pid 6068] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6064] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6068] <... open resumed>) = 4 [pid 6064] <... open resumed>) = -1 EFAULT (Bad address) [pid 6068] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6064] exit_group(0 [pid 6068] <... open resumed>) = 5 [pid 6064] <... exit_group resumed>) = ? [pid 6068] ftruncate(5, 33587195) = 0 [pid 6068] sendfile(4, 5, NULL, 281474978811909 [pid 6064] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6064, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [ 236.023446][ T6072] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 236.034792][ T6070] NILFS (loop5): trying rollback from an earlier position [pid 5068] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6070] <... mount resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5064] <... umount2 resumed>) = 0 [pid 6070] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] fstat(3, [pid 6070] <... openat resumed>) = 3 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6070] chdir("./file0" [pid 5068] getdents64(3, [pid 6070] <... chdir resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6071] <... write resumed>) = 2097152 [pid 6070] ioctl(4, LOOP_CLR_FD [pid 5068] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] lstat("./81/file0", [pid 6071] munmap(0x7fc0314e0000, 2097152 [pid 6070] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6071] <... munmap resumed>) = 0 [pid 6070] close(4 [pid 5068] lstat("./82/binderfs", [pid 5064] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6071] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6070] <... close resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6071] <... openat resumed>) = 4 [pid 6070] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] unlink("./82/binderfs" [pid 5064] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6071] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... unlink resumed>) = 0 [pid 5064] <... openat resumed>) = 4 [pid 6070] <... open resumed>) = 4 [pid 5068] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] fstat(4, [pid 6070] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6071] <... ioctl resumed>) = 0 [pid 5064] getdents64(4, [pid 6071] close(3 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6071] <... close resumed>) = 0 [pid 6070] <... open resumed>) = 5 [pid 5064] getdents64(4, [pid 6071] mkdir("./file0", 0777 [pid 6070] ftruncate(5, 33587195 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6071] <... mkdir resumed>) = 0 [pid 6070] <... ftruncate resumed>) = 0 [pid 5064] close(4 [pid 6071] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6070] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./81/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./81") = 0 [ 236.088551][ T6070] NILFS (loop5): recovery complete [ 236.100104][ T6073] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 236.122919][ T6071] loop2: detected capacity change from 0 to 4096 [pid 5064] mkdir("./82", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6074 ./strace-static-x86_64: Process 6074 attached [pid 6074] chdir("./82") = 0 [pid 6074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6074] setpgid(0, 0) = 0 [pid 6074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6074] write(3, "1000", 4) = 4 [pid 6074] close(3) = 0 [pid 6074] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6074] memfd_create("syzkaller", 0) = 3 [pid 6074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 236.206998][ T6071] NILFS (loop2): invalid segment: Checksum error in segment payload [ 236.298172][ T6071] NILFS (loop2): trying rollback from an earlier position [pid 6074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [ 236.394132][ T6071] NILFS (loop2): recovery complete [pid 5068] rmdir("./82/file0" [pid 6074] <... write resumed>) = 2097152 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 6074] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 6074] <... munmap resumed>) = 0 [pid 6071] <... mount resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6074] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6074] <... openat resumed>) = 4 [pid 6071] <... openat resumed>) = 3 [pid 6074] ioctl(4, LOOP_SET_FD, 3 [pid 6071] chdir("./file0") = 0 [pid 5068] rmdir("./82" [pid 6071] ioctl(4, LOOP_CLR_FD) = 0 [pid 6071] close(4) = 0 [pid 6071] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... rmdir resumed>) = 0 [pid 6074] <... ioctl resumed>) = 0 [pid 6074] close(3) = 0 [pid 6074] mkdir("./file0", 0777) = 0 [pid 6071] <... open resumed>) = 4 [pid 5068] mkdir("./83", 0777 [pid 6071] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6071] ftruncate(5, 33587195) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 6071] sendfile(4, 5, NULL, 281474978811909 [ 236.473145][ T6075] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 236.477785][ T6074] loop0: detected capacity change from 0 to 4096 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6076 attached [pid 6074] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6076 [pid 6076] chdir("./83") = 0 [pid 6076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6076] setpgid(0, 0) = 0 [pid 6076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6076] write(3, "1000", 4) = 4 [pid 6076] close(3) = 0 [pid 6076] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6076] memfd_create("syzkaller", 0) = 3 [pid 6076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 236.623612][ T6074] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6067] <... sendfile resumed>) = 1048576 [pid 6067] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6067] exit_group(0) = ? [pid 6067] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6067, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5067] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./82/binderfs") = 0 [ 236.676487][ T6074] NILFS (loop0): trying rollback from an earlier position [pid 5067] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6074] <... mount resumed>) = 0 [pid 6074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6074] chdir("./file0") = 0 [pid 6074] ioctl(4, LOOP_CLR_FD) = 0 [pid 6074] close(4) = 0 [pid 6074] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6074] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6074] ftruncate(5, 33587195) = 0 [ 236.734704][ T6074] NILFS (loop0): recovery complete [ 236.747204][ T6077] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6074] sendfile(4, 5, NULL, 281474978811909 [pid 6076] <... write resumed>) = 2097152 [pid 6076] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6076] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6076] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6076] close(3) = 0 [pid 6076] mkdir("./file0", 0777) = 0 [ 236.848812][ T6076] loop4: detected capacity change from 0 to 4096 [ 236.906495][ T6076] NILFS (loop4): invalid segment: Checksum error in segment payload [ 236.914587][ T6076] NILFS (loop4): trying rollback from an earlier position [pid 6076] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 6076] <... mount resumed>) = 0 [pid 5067] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6076] <... openat resumed>) = 3 [pid 5067] fstat(4, [pid 6076] chdir("./file0" [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, [pid 6076] <... chdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 6076] ioctl(4, LOOP_CLR_FD [pid 5067] <... close resumed>) = 0 [pid 6076] <... ioctl resumed>) = 0 [pid 5067] rmdir("./82/file0" [pid 6076] close(4 [pid 5067] <... rmdir resumed>) = 0 [pid 6076] <... close resumed>) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./82") = 0 [pid 6076] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] mkdir("./83", 0777 [pid 6076] <... open resumed>) = 4 [pid 5067] <... mkdir resumed>) = 0 [pid 6076] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6076] <... open resumed>) = 5 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6076] ftruncate(5, 33587195 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 236.992617][ T6076] NILFS (loop4): recovery complete [ 237.007671][ T6079] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] close(3 [pid 6076] <... ftruncate resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6076] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6080 ./strace-static-x86_64: Process 6080 attached [pid 6080] chdir("./83") = 0 [pid 6080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6080] setpgid(0, 0) = 0 [pid 6080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6080] write(3, "1000", 4) = 4 [pid 6080] close(3) = 0 [pid 6080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6080] memfd_create("syzkaller", 0) = 3 [pid 6080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6070] <... sendfile resumed>) = 1048576 [pid 6068] <... sendfile resumed>) = 1048576 [pid 6080] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6080] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6080] ioctl(4, LOOP_SET_FD, 3 [pid 6070] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6068] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6070] <... open resumed>) = -1 EFAULT (Bad address) [pid 6080] <... ioctl resumed>) = 0 [pid 6070] exit_group(0 [pid 6068] <... open resumed>) = -1 EFAULT (Bad address) [pid 6080] close(3 [pid 6070] <... exit_group resumed>) = ? [pid 6068] exit_group(0 [pid 6080] <... close resumed>) = 0 [pid 6070] +++ exited with 0 +++ [pid 6068] <... exit_group resumed>) = ? [pid 6080] mkdir("./file0", 0777 [pid 6068] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6070, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 6080] <... mkdir resumed>) = 0 [pid 6080] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6068, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 237.296505][ T6080] loop3: detected capacity change from 0 to 4096 [ 237.326615][ T6080] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5065] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] lstat("./83/binderfs", [pid 5065] <... openat resumed>) = 3 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] fstat(3, [pid 5069] unlink("./83/binderfs" [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5065] getdents64(3, [pid 5069] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./81/binderfs") = 0 [ 237.343343][ T6080] NILFS (loop3): trying rollback from an earlier position [ 237.370328][ T6080] NILFS (loop3): recovery complete [pid 5065] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6080] <... mount resumed>) = 0 [pid 6080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6080] chdir("./file0") = 0 [pid 6080] ioctl(4, LOOP_CLR_FD) = 0 [pid 6080] close(4) = 0 [pid 6080] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6080] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6080] ftruncate(5, 33587195) = 0 [ 237.436087][ T6082] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6080] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5065] close(4 [pid 5069] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... close resumed>) = 0 [pid 5069] lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./81/file0" [pid 6071] <... sendfile resumed>) = 1048576 [pid 5069] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... rmdir resumed>) = 0 [pid 6071] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... openat resumed>) = 4 [pid 6071] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] fstat(4, [pid 6071] exit_group(0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, [pid 6071] <... exit_group resumed>) = ? [pid 5069] getdents64(4, [pid 6071] +++ exited with 0 +++ [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./83/file0") = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6071, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] close(3 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 5065] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5065] rmdir("./81" [pid 5069] rmdir("./83") = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5069] mkdir("./84", 0777) = 0 [pid 5065] mkdir("./82", 0777 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] <... mkdir resumed>) = 0 [pid 5069] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 3 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6083 [pid 5066] fstat(3, [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] getdents64(3, [pid 5065] close(3./strace-static-x86_64: Process 6083 attached [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... close resumed>) = 0 [pid 6083] chdir("./84" [pid 5066] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6083] <... chdir resumed>) = 0 [pid 6083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6083] setpgid(0, 0) = 0 [pid 6083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6083] write(3, "1000", 4) = 4 [pid 6083] close(3 [pid 5066] lstat("./82/binderfs", [pid 6083] <... close resumed>) = 0 [pid 6083] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6084 [pid 6083] memfd_create("syzkaller", 0 [pid 5066] unlink("./82/binderfs" [pid 6083] <... memfd_create resumed>) = 3 [pid 6083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 6084 attached [pid 5066] <... unlink resumed>) = 0 [pid 6084] chdir("./82" [pid 5066] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6084] <... chdir resumed>) = 0 [pid 6084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6084] setpgid(0, 0) = 0 [pid 6084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6084] write(3, "1000", 4) = 4 [pid 6084] close(3) = 0 [pid 6084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6084] memfd_create("syzkaller", 0) = 3 [pid 6084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6083] <... write resumed>) = 2097152 [pid 6083] munmap(0x7fc0314e0000, 2097152 [pid 6084] <... write resumed>) = 2097152 [pid 6083] <... munmap resumed>) = 0 [pid 6083] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6083] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6084] munmap(0x7fc0314e0000, 2097152 [pid 6074] <... sendfile resumed>) = 1048576 [pid 5066] <... openat resumed>) = 4 [pid 6084] <... munmap resumed>) = 0 [pid 6074] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] fstat(4, [pid 6084] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6074] <... open resumed>) = -1 EFAULT (Bad address) [pid 6084] <... openat resumed>) = 4 [pid 6074] exit_group(0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6084] ioctl(4, LOOP_SET_FD, 3 [pid 6083] <... ioctl resumed>) = 0 [pid 6074] <... exit_group resumed>) = ? [pid 5066] getdents64(4, [pid 6083] close(3) = 0 [pid 6083] mkdir("./file0", 0777 [pid 6074] +++ exited with 0 +++ [pid 6083] <... mkdir resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6083] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] getdents64(4, [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6074, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] close(4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... close resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6084] <... ioctl resumed>) = 0 [pid 5066] rmdir("./82/file0" [pid 5064] <... openat resumed>) = 3 [pid 6084] close(3 [pid 5066] <... rmdir resumed>) = 0 [pid 6084] <... close resumed>) = 0 [pid 5066] getdents64(3, [pid 6084] mkdir("./file0", 0777 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] fstat(3, [pid 6084] <... mkdir resumed>) = 0 [pid 5066] close(3 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6084] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6076] <... sendfile resumed>) = 1048576 [pid 5064] getdents64(3, [pid 6076] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6076] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6076] exit_group(0 [pid 5066] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 237.928176][ T6083] loop5: detected capacity change from 0 to 4096 [ 237.964953][ T6084] loop1: detected capacity change from 0 to 4096 [pid 6076] <... exit_group resumed>) = ? [pid 5064] lstat("./82/binderfs", [pid 6076] +++ exited with 0 +++ [pid 5066] rmdir("./82" [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./82/binderfs") = 0 [pid 5064] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6076, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5066] <... rmdir resumed>) = 0 [pid 5066] mkdir("./83", 0777) = 0 [pid 5068] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5068] <... openat resumed>) = 3 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] fstat(3, [pid 5066] close(3 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 5068] getdents64(3, [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6085 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./83/binderfs") = 0 [ 237.999311][ T6083] NILFS (loop5): invalid segment: Checksum error in segment payload [ 238.010501][ T6083] NILFS (loop5): trying rollback from an earlier position [ 238.034765][ T6084] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5068] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6085 attached [pid 6085] chdir("./83") = 0 [pid 6085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6085] setpgid(0, 0) = 0 [pid 6085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6085] write(3, "1000", 4) = 4 [pid 6083] <... mount resumed>) = 0 [pid 6085] close(3 [pid 6083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6085] <... close resumed>) = 0 [pid 6083] <... openat resumed>) = 3 [pid 6085] symlink("/dev/binderfs", "./binderfs" [pid 6083] chdir("./file0") = 0 [pid 6083] ioctl(4, LOOP_CLR_FD [pid 6085] <... symlink resumed>) = 0 [pid 6083] <... ioctl resumed>) = 0 [pid 6083] close(4 [pid 6085] memfd_create("syzkaller", 0 [pid 6083] <... close resumed>) = 0 [pid 6083] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6085] <... memfd_create resumed>) = 3 [pid 6085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6083] <... open resumed>) = 4 [pid 6083] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6085] <... mmap resumed>) = 0x7fc0314e0000 [pid 6083] <... open resumed>) = 5 [ 238.061514][ T6083] NILFS (loop5): recovery complete [ 238.074107][ T6084] NILFS (loop1): trying rollback from an earlier position [ 238.099383][ T6086] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6083] ftruncate(5, 33587195) = 0 [pid 6083] sendfile(4, 5, NULL, 281474978811909 [ 238.136221][ T6084] NILFS (loop1): recovery complete [pid 6085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6084] <... mount resumed>) = 0 [pid 6084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6084] chdir("./file0") = 0 [pid 6084] ioctl(4, LOOP_CLR_FD) = 0 [pid 6084] close(4) = 0 [pid 6084] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6084] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6084] ftruncate(5, 33587195) = 0 [ 238.187056][ T6087] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6084] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5064] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./82/file0", [pid 5068] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./83/file0", [pid 5064] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... openat resumed>) = 4 [pid 5068] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] fstat(4, [pid 5068] <... openat resumed>) = 4 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] fstat(4, [pid 5064] getdents64(4, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5064] getdents64(4, [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(4, [pid 5064] close(4 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... close resumed>) = 0 [pid 5068] close(4 [pid 5064] rmdir("./82/file0" [pid 5068] <... close resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] rmdir("./83/file0" [pid 5064] getdents64(3, [pid 5068] <... rmdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(3, [pid 5064] close(3 [pid 6085] <... write resumed>) = 2097152 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... close resumed>) = 0 [pid 6085] munmap(0x7fc0314e0000, 2097152 [pid 5068] close(3 [pid 5064] rmdir("./82" [pid 6085] <... munmap resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6085] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5068] rmdir("./83" [pid 5064] <... rmdir resumed>) = 0 [pid 6085] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] mkdir("./83", 0777 [pid 6085] <... ioctl resumed>) = 0 [pid 5068] mkdir("./84", 0777 [pid 6085] close(3 [pid 5064] <... mkdir resumed>) = 0 [pid 6085] <... close resumed>) = 0 [pid 6085] mkdir("./file0", 0777 [pid 5068] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6085] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6085] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 5064] close(3 [pid 5068] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6088 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6089 ./strace-static-x86_64: Process 6088 attached [ 238.373885][ T6085] loop2: detected capacity change from 0 to 4096 [ 238.412057][ T6085] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6088] chdir("./84") = 0 ./strace-static-x86_64: Process 6089 attached [pid 6088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6089] chdir("./83" [pid 6088] setpgid(0, 0 [pid 6089] <... chdir resumed>) = 0 [pid 6088] <... setpgid resumed>) = 0 [pid 6089] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6089] <... prctl resumed>) = 0 [pid 6088] <... openat resumed>) = 3 [pid 6088] write(3, "1000", 4) = 4 [pid 6088] close(3) = 0 [pid 6088] symlink("/dev/binderfs", "./binderfs" [pid 6089] setpgid(0, 0 [pid 6088] <... symlink resumed>) = 0 [pid 6089] <... setpgid resumed>) = 0 [pid 6088] memfd_create("syzkaller", 0 [pid 6089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6088] <... memfd_create resumed>) = 3 [pid 6089] <... openat resumed>) = 3 [pid 6088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6089] write(3, "1000", 4 [pid 6088] <... mmap resumed>) = 0x7fc0314e0000 [pid 6089] <... write resumed>) = 4 [ 238.430331][ T6085] NILFS (loop2): trying rollback from an earlier position [pid 6089] close(3) = 0 [ 238.490861][ T6085] NILFS (loop2): recovery complete [pid 6089] symlink("/dev/binderfs", "./binderfs" [pid 6085] <... mount resumed>) = 0 [pid 6085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6085] chdir("./file0" [pid 6089] <... symlink resumed>) = 0 [pid 6085] <... chdir resumed>) = 0 [pid 6089] memfd_create("syzkaller", 0 [pid 6085] ioctl(4, LOOP_CLR_FD) = 0 [pid 6085] close(4) = 0 [pid 6089] <... memfd_create resumed>) = 3 [pid 6085] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6085] <... open resumed>) = 4 [pid 6085] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6085] ftruncate(5, 33587195) = 0 [pid 6085] sendfile(4, 5, NULL, 281474978811909 [ 238.513429][ T6091] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6080] <... sendfile resumed>) = 1048576 [pid 6080] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6080] exit_group(0) = ? [pid 6080] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6080, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5067] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6089] <... write resumed>) = 2097152 [pid 6088] <... write resumed>) = 2097152 [pid 5067] unlink("./83/binderfs") = 0 [pid 6089] munmap(0x7fc0314e0000, 2097152 [pid 5067] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6088] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6088] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6088] ioctl(4, LOOP_SET_FD, 3 [pid 6089] <... munmap resumed>) = 0 [pid 6089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6089] ioctl(4, LOOP_SET_FD, 3 [pid 6088] <... ioctl resumed>) = 0 [pid 6088] close(3) = 0 [pid 6088] mkdir("./file0", 0777 [pid 6089] <... ioctl resumed>) = 0 [pid 6089] close(3) = 0 [pid 6089] mkdir("./file0", 0777) = 0 [pid 6088] <... mkdir resumed>) = 0 [pid 6088] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 238.713056][ T6088] loop4: detected capacity change from 0 to 4096 [ 238.737233][ T6089] loop0: detected capacity change from 0 to 4096 [ 238.790413][ T6088] NILFS (loop4): invalid segment: Checksum error in segment payload [ 238.808583][ T6089] NILFS (loop0): invalid segment: Checksum error in segment payload [ 238.856730][ T6088] NILFS (loop4): trying rollback from an earlier position [ 238.873826][ T6089] NILFS (loop0): trying rollback from an earlier position [pid 6089] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 238.933763][ T6088] NILFS (loop4): recovery complete [pid 5067] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6088] <... mount resumed>) = 0 [pid 5067] fstat(4, [pid 6088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6088] <... openat resumed>) = 3 [pid 5067] getdents64(4, [pid 6088] chdir("./file0" [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6088] <... chdir resumed>) = 0 [pid 5067] getdents64(4, [pid 6088] ioctl(4, LOOP_CLR_FD [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6088] <... ioctl resumed>) = 0 [pid 6088] close(4 [pid 5067] close(4 [pid 6088] <... close resumed>) = 0 [pid 6088] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./83/file0") = 0 [pid 6088] <... open resumed>) = 4 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6088] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] close(3 [pid 6088] <... open resumed>) = 5 [pid 5067] <... close resumed>) = 0 [pid 6088] ftruncate(5, 33587195 [pid 5067] rmdir("./83" [pid 6088] <... ftruncate resumed>) = 0 [ 238.967943][ T6094] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 238.975619][ T6089] NILFS (loop0): recovery complete [pid 6088] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] mkdir("./84", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6089] <... mount resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 6089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6089] <... openat resumed>) = 3 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6097 ./strace-static-x86_64: Process 6097 attached [pid 6097] chdir("./84") = 0 [pid 6089] chdir("./file0" [pid 6097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6089] <... chdir resumed>) = 0 [pid 6097] <... prctl resumed>) = 0 [ 239.045208][ T6095] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6089] ioctl(4, LOOP_CLR_FD [pid 6097] setpgid(0, 0 [pid 6089] <... ioctl resumed>) = 0 [pid 6097] <... setpgid resumed>) = 0 [pid 6089] close(4 [pid 6097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6089] <... close resumed>) = 0 [pid 6097] <... openat resumed>) = 3 [pid 6097] write(3, "1000", 4) = 4 [pid 6097] close(3) = 0 [pid 6097] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6097] memfd_create("syzkaller", 0) = 3 [pid 6097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6089] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6083] <... sendfile resumed>) = 1048576 [pid 6097] <... mmap resumed>) = 0x7fc0314e0000 [pid 6089] <... open resumed>) = 4 [pid 6083] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6089] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6083] <... open resumed>) = -1 EFAULT (Bad address) [pid 6089] <... open resumed>) = 5 [pid 6089] ftruncate(5, 33587195 [pid 6083] exit_group(0 [pid 6089] <... ftruncate resumed>) = 0 [pid 6089] sendfile(4, 5, NULL, 281474978811909 [pid 6083] <... exit_group resumed>) = ? [pid 6097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6083] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6083, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5069] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./84/binderfs") = 0 [pid 5069] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6097] <... write resumed>) = 2097152 [pid 6097] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6097] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6097] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6097] close(3 [pid 6084] <... sendfile resumed>) = 1048576 [pid 6084] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6084] exit_group(0) = ? [pid 6084] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6084, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5065] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, [pid 6097] <... close resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6097] mkdir("./file0", 0777 [pid 5065] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6097] <... mkdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6097] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./82/binderfs") = 0 [ 239.378854][ T6097] loop3: detected capacity change from 0 to 4096 [pid 5065] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [ 239.467460][ T6097] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5069] close(4) = 0 [pid 5069] rmdir("./84/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./84") = 0 [pid 5069] mkdir("./85", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 6085] <... sendfile resumed>) = 1048576 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6085] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6098 [pid 6085] exit_group(0) = ? ./strace-static-x86_64: Process 6098 attached [pid 6085] +++ exited with 0 +++ [pid 6098] chdir("./85") = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6085, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [ 239.528280][ T6097] NILFS (loop3): trying rollback from an earlier position [pid 6098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 6098] <... prctl resumed>) = 0 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 6098] setpgid(0, 0) = 0 [pid 6098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6098] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6098] write(3, "1000", 4 [pid 5066] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6098] <... write resumed>) = 4 [pid 5066] <... openat resumed>) = 3 [pid 5065] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6098] close(3 [pid 5066] fstat(3, [pid 6098] <... close resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6098] symlink("/dev/binderfs", "./binderfs" [pid 5066] getdents64(3, [pid 6098] <... symlink resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] lstat("./82/file0", [pid 6098] memfd_create("syzkaller", 0 [pid 5066] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6098] <... memfd_create resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] lstat("./83/binderfs", [pid 5065] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6098] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./83/binderfs") = 0 [pid 5066] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [ 239.631980][ T6097] NILFS (loop3): recovery complete [pid 5065] rmdir("./82/file0") = 0 [pid 6097] <... mount resumed>) = 0 [pid 6097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] getdents64(3, [pid 6097] chdir("./file0") = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6097] ioctl(4, LOOP_CLR_FD) = 0 [pid 5065] close(3 [pid 6097] close(4 [pid 6098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6097] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6097] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] rmdir("./82" [pid 6097] <... open resumed>) = 4 [pid 6097] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5065] <... rmdir resumed>) = 0 [pid 6097] ftruncate(5, 33587195 [pid 5065] mkdir("./83", 0777 [pid 6097] <... ftruncate resumed>) = 0 [pid 6097] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... mkdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [ 239.680916][ T6099] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6100 ./strace-static-x86_64: Process 6100 attached [pid 6100] chdir("./83") = 0 [pid 6100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6098] <... write resumed>) = 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6100] setpgid(0, 0 [pid 6098] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6100] <... setpgid resumed>) = 0 [pid 6100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6098] <... munmap resumed>) = 0 [pid 5066] lstat("./83/file0", [pid 6100] <... openat resumed>) = 3 [pid 6098] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6100] write(3, "1000", 4 [pid 6098] <... openat resumed>) = 4 [pid 5066] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6100] <... write resumed>) = 4 [pid 6098] ioctl(4, LOOP_SET_FD, 3 [pid 6100] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6100] <... close resumed>) = 0 [pid 6098] <... ioctl resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6100] symlink("/dev/binderfs", "./binderfs" [pid 6098] close(3 [pid 5066] <... openat resumed>) = 4 [pid 6100] <... symlink resumed>) = 0 [pid 6098] <... close resumed>) = 0 [pid 5066] fstat(4, [pid 6100] memfd_create("syzkaller", 0 [pid 6098] mkdir("./file0", 0777 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6100] <... memfd_create resumed>) = 3 [pid 6098] <... mkdir resumed>) = 0 [pid 6100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] getdents64(4, [pid 6100] <... mmap resumed>) = 0x7fc0314e0000 [pid 6098] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [ 239.818763][ T6098] loop5: detected capacity change from 0 to 4096 [pid 5066] getdents64(4, [pid 6100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./83/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./83" [pid 6100] <... write resumed>) = 2097152 [pid 5066] <... rmdir resumed>) = 0 [pid 6100] munmap(0x7fc0314e0000, 2097152 [pid 5066] mkdir("./84", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6100] <... munmap resumed>) = 0 [pid 6100] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] <... openat resumed>) = 3 [ 239.903304][ T6098] NILFS (loop5): invalid segment: Checksum error in segment payload [ 239.941853][ T6098] NILFS (loop5): trying rollback from an earlier position [pid 6100] <... openat resumed>) = 4 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 6100] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 6088] <... sendfile resumed>) = 1048576 [pid 5066] <... close resumed>) = 0 [pid 6088] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6088] <... open resumed>) = -1 EFAULT (Bad address) [pid 6088] exit_group(0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6102 [pid 6088] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6102 attached [pid 6088] +++ exited with 0 +++ [pid 6102] chdir("./84" [pid 6100] <... ioctl resumed>) = 0 [pid 6100] close(3) = 0 [pid 6100] mkdir("./file0", 0777) = 0 [ 239.976444][ T6098] NILFS (loop5): recovery complete [ 239.978895][ T6100] loop1: detected capacity change from 0 to 4096 [pid 6100] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6102] <... chdir resumed>) = 0 [pid 6098] <... mount resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6088, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6102] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6102] <... prctl resumed>) = 0 [pid 6098] <... openat resumed>) = 3 [pid 5068] <... restart_syscall resumed>) = 0 [pid 6102] setpgid(0, 0 [pid 6098] chdir("./file0" [pid 6102] <... setpgid resumed>) = 0 [pid 6098] <... chdir resumed>) = 0 [pid 6102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6098] ioctl(4, LOOP_CLR_FD [pid 5068] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6102] <... openat resumed>) = 3 [pid 6098] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6102] write(3, "1000", 4 [pid 6098] close(4 [pid 5068] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6102] <... write resumed>) = 4 [pid 6098] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 6102] close(3 [pid 6098] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] fstat(3, [pid 6102] <... close resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6102] symlink("/dev/binderfs", "./binderfs" [pid 6098] <... open resumed>) = 4 [pid 5068] getdents64(3, [pid 6102] <... symlink resumed>) = 0 [pid 6098] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6102] memfd_create("syzkaller", 0 [pid 5068] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6102] <... memfd_create resumed>) = 3 [pid 6098] <... open resumed>) = 5 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] lstat("./84/binderfs", [pid 6102] <... mmap resumed>) = 0x7fc0314e0000 [pid 6098] ftruncate(5, 33587195 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 240.033786][ T6101] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6098] <... ftruncate resumed>) = 0 [pid 5068] unlink("./84/binderfs" [pid 6098] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 240.096905][ T6100] NILFS (loop1): invalid segment: Checksum error in segment payload [ 240.104979][ T6100] NILFS (loop1): trying rollback from an earlier position [ 240.146908][ T6100] NILFS (loop1): recovery complete [pid 6102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6100] <... mount resumed>) = 0 [pid 6100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6102] <... write resumed>) = 2097152 [pid 6100] <... openat resumed>) = 3 [pid 6102] munmap(0x7fc0314e0000, 2097152 [pid 6100] chdir("./file0" [pid 6102] <... munmap resumed>) = 0 [pid 6100] <... chdir resumed>) = 0 [pid 6102] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6100] ioctl(4, LOOP_CLR_FD [pid 6102] <... openat resumed>) = 4 [pid 6100] <... ioctl resumed>) = 0 [pid 6102] ioctl(4, LOOP_SET_FD, 3 [ 240.196402][ T6103] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6100] close(4) = 0 [pid 6100] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6100] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6100] ftruncate(5, 33587195) = 0 [pid 6100] sendfile(4, 5, NULL, 281474978811909 [pid 6102] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6102] close(3 [pid 5068] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6102] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6102] mkdir("./file0", 0777 [pid 5068] lstat("./84/file0", [pid 6102] <... mkdir resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6102] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6089] <... sendfile resumed>) = 1048576 [ 240.263961][ T6102] loop2: detected capacity change from 0 to 4096 [pid 6089] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6089] <... open resumed>) = -1 EFAULT (Bad address) [pid 6089] exit_group(0) = ? [pid 6089] +++ exited with 0 +++ [pid 5068] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6089, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./84/file0" [pid 5064] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5064] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... close resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5068] rmdir("./84" [pid 5064] fstat(3, [pid 5068] <... rmdir resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] mkdir("./85", 0777 [pid 5064] getdents64(3, [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... openat resumed>) = 3 [pid 5064] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] close(3) = 0 [pid 5064] lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] unlink("./83/binderfs"./strace-static-x86_64: Process 6104 attached [pid 6104] chdir("./85" [pid 5064] <... unlink resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6104 [pid 5064] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6104] <... chdir resumed>) = 0 [pid 6104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6104] setpgid(0, 0) = 0 [pid 6104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6104] write(3, "1000", 4) = 4 [pid 6104] close(3) = 0 [pid 6104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6104] memfd_create("syzkaller", 0) = 3 [pid 6104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 240.360824][ T6102] NILFS (loop2): invalid segment: Checksum error in segment payload [ 240.369739][ T6102] NILFS (loop2): trying rollback from an earlier position [ 240.394034][ T6102] NILFS (loop2): recovery complete [pid 6102] <... mount resumed>) = 0 [pid 6102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6102] chdir("./file0") = 0 [pid 6102] ioctl(4, LOOP_CLR_FD) = 0 [pid 6102] close(4) = 0 [pid 6102] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6102] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6102] ftruncate(5, 33587195) = 0 [ 240.479718][ T6105] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6102] sendfile(4, 5, NULL, 281474978811909 [pid 6104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./83/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./83") = 0 [pid 5064] mkdir("./84", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 6104] <... write resumed>) = 2097152 [pid 5064] <... close resumed>) = 0 [pid 6104] munmap(0x7fc0314e0000, 2097152 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6104] <... munmap resumed>) = 0 [pid 6104] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6106 [pid 6104] <... openat resumed>) = 4 [pid 6104] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6104] close(3) = 0 [pid 6104] mkdir("./file0", 0777) = 0 [pid 6104] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6097] <... sendfile resumed>) = 1048576 [pid 6097] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6097] exit_group(0) = ? ./strace-static-x86_64: Process 6106 attached [pid 6097] +++ exited with 0 +++ [pid 6106] chdir("./84" [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6097, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6106] <... chdir resumed>) = 0 [pid 5067] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6106] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6106] <... prctl resumed>) = 0 [pid 6106] setpgid(0, 0 [pid 5067] <... openat resumed>) = 3 [pid 6106] <... setpgid resumed>) = 0 [pid 5067] fstat(3, [pid 6106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, [pid 6106] <... openat resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6106] write(3, "1000", 4 [pid 5067] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6106] <... write resumed>) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6106] close(3 [pid 5067] lstat("./84/binderfs", [pid 6106] <... close resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6106] symlink("/dev/binderfs", "./binderfs" [pid 5067] unlink("./84/binderfs") = 0 [pid 6106] <... symlink resumed>) = 0 [pid 5067] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6106] memfd_create("syzkaller", 0) = 3 [pid 6106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 240.707516][ T6104] loop4: detected capacity change from 0 to 4096 [ 240.734890][ T6104] NILFS (loop4): invalid segment: Checksum error in segment payload [ 240.743636][ T6104] NILFS (loop4): trying rollback from an earlier position [pid 6106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6104] <... mount resumed>) = 0 [pid 6104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6104] chdir("./file0") = 0 [pid 6104] ioctl(4, LOOP_CLR_FD) = 0 [pid 6104] close(4 [pid 6106] <... write resumed>) = 2097152 [pid 6104] <... close resumed>) = 0 [pid 6104] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [ 240.818306][ T6104] NILFS (loop4): recovery complete [ 240.829703][ T6107] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6106] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6104] <... open resumed>) = 4 [pid 6106] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6104] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6106] <... openat resumed>) = 4 [pid 6106] ioctl(4, LOOP_SET_FD, 3 [pid 6104] <... open resumed>) = 5 [pid 6104] ftruncate(5, 33587195) = 0 [pid 6104] sendfile(4, 5, NULL, 281474978811909 [pid 6106] <... ioctl resumed>) = 0 [pid 6106] close(3) = 0 [ 240.920217][ T6106] loop0: detected capacity change from 0 to 4096 [pid 6106] mkdir("./file0", 0777) = 0 [pid 6106] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./84/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./84") = 0 [pid 5067] mkdir("./85", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6108 [ 241.015977][ T6106] NILFS (loop0): invalid segment: Checksum error in segment payload [ 241.035644][ T6106] NILFS (loop0): trying rollback from an earlier position ./strace-static-x86_64: Process 6108 attached [pid 6108] chdir("./85") = 0 [pid 6108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6108] setpgid(0, 0) = 0 [pid 6108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6108] write(3, "1000", 4) = 4 [pid 6108] close(3) = 0 [pid 6108] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6108] memfd_create("syzkaller", 0) = 3 [pid 6108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 241.158592][ T6106] NILFS (loop0): recovery complete [pid 6108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6106] <... mount resumed>) = 0 [pid 6106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6106] chdir("./file0") = 0 [pid 6106] ioctl(4, LOOP_CLR_FD) = 0 [pid 6106] close(4) = 0 [pid 6098] <... sendfile resumed>) = 1048576 [pid 6106] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [ 241.221756][ T6109] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6098] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6108] <... write resumed>) = 2097152 [pid 6106] <... open resumed>) = 4 [pid 6098] <... open resumed>) = -1 EFAULT (Bad address) [pid 6106] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6098] exit_group(0 [pid 6106] <... open resumed>) = 5 [pid 6098] <... exit_group resumed>) = ? [pid 6098] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6098, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6106] ftruncate(5, 33587195) = 0 [pid 6106] sendfile(4, 5, NULL, 281474978811909 [pid 5069] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./85/binderfs") = 0 [pid 5069] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6108] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6108] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6108] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6108] close(3) = 0 [pid 6108] mkdir("./file0", 0777) = 0 [ 241.341654][ T6108] loop3: detected capacity change from 0 to 4096 [pid 6108] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6100] <... sendfile resumed>) = 1048576 [pid 6100] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 241.422686][ T6108] NILFS (loop3): invalid segment: Checksum error in segment payload [ 241.459005][ T6108] NILFS (loop3): trying rollback from an earlier position [pid 6100] exit_group(0) = ? [pid 6100] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6100, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./83/binderfs") = 0 [ 241.476488][ T6108] NILFS (loop3): recovery complete [pid 5065] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6108] <... mount resumed>) = 0 [pid 6108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6108] chdir("./file0") = 0 [pid 6108] ioctl(4, LOOP_CLR_FD) = 0 [pid 6108] close(4) = 0 [pid 6108] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6108] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6108] ftruncate(5, 33587195) = 0 [ 241.527183][ T6110] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6108] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./85/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./85") = 0 [pid 5069] mkdir("./86", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... umount2 resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6111 ./strace-static-x86_64: Process 6111 attached [pid 6111] chdir("./86") = 0 [pid 6111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6111] setpgid(0, 0) = 0 [pid 6111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6111] write(3, "1000", 4 [pid 5065] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6111] <... write resumed>) = 4 [pid 6111] close(3) = 0 [pid 6111] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6111] memfd_create("syzkaller", 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6111] <... memfd_create resumed>) = 3 [pid 6111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6102] <... sendfile resumed>) = 1048576 [pid 5065] fstat(4, [pid 6102] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6102] exit_group(0) = ? [pid 5065] getdents64(4, [pid 6102] +++ exited with 0 +++ [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6102, si_uid=0, si_status=0, si_utime=0, si_stime=36 /* 0.36 s */} --- [pid 5065] getdents64(4, [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./84/binderfs" [pid 6111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... unlink resumed>) = 0 [pid 5065] close(4 [pid 5066] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./83/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./83") = 0 [pid 5065] mkdir("./84", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6111] <... write resumed>) = 2097152 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6112 ./strace-static-x86_64: Process 6112 attached [pid 6112] chdir("./84") = 0 [pid 6111] munmap(0x7fc0314e0000, 2097152 [pid 6112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6112] setpgid(0, 0) = 0 [pid 6112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6112] write(3, "1000", 4) = 4 [pid 6111] <... munmap resumed>) = 0 [pid 6112] close(3) = 0 [pid 6112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6112] memfd_create("syzkaller", 0) = 3 [pid 6112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6111] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6104] <... sendfile resumed>) = 1048576 [pid 6111] ioctl(4, LOOP_SET_FD, 3 [pid 6104] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6104] exit_group(0 [pid 6112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6104] <... exit_group resumed>) = ? [pid 6111] <... ioctl resumed>) = 0 [pid 6111] close(3 [pid 6104] +++ exited with 0 +++ [pid 6111] <... close resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6104, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6111] mkdir("./file0", 0777) = 0 [pid 6111] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 241.974409][ T6111] loop5: detected capacity change from 0 to 4096 [pid 5068] unlink("./85/binderfs") = 0 [pid 5068] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6112] <... write resumed>) = 2097152 [pid 6112] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6112] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6112] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 242.064705][ T6111] NILFS (loop5): invalid segment: Checksum error in segment payload [ 242.082286][ T6112] loop1: detected capacity change from 0 to 4096 [pid 6112] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6112] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6112] mkdir("./file0", 0777 [pid 5066] <... openat resumed>) = 4 [pid 5066] fstat(4, [pid 6112] <... mkdir resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6112] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./84/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./84") = 0 [pid 5066] mkdir("./85", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6113 [ 242.116225][ T6111] NILFS (loop5): trying rollback from an earlier position ./strace-static-x86_64: Process 6113 attached [pid 6113] chdir("./85") = 0 [pid 6113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6113] setpgid(0, 0) = 0 [pid 6113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6113] write(3, "1000", 4) = 4 [pid 6113] close(3) = 0 [pid 6113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6113] memfd_create("syzkaller", 0) = 3 [pid 6113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 242.170023][ T6112] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 6113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6111] <... mount resumed>) = 0 [pid 6111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6111] chdir("./file0") = 0 [pid 6111] ioctl(4, LOOP_CLR_FD) = 0 [pid 6111] close(4) = 0 [pid 6111] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... umount2 resumed>) = 0 [pid 6111] <... open resumed>) = 4 [pid 5068] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6111] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6111] <... open resumed>) = 5 [pid 5068] lstat("./85/file0", [pid 6111] ftruncate(5, 33587195 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6111] <... ftruncate resumed>) = 0 [pid 5068] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 242.239560][ T6112] NILFS (loop1): trying rollback from an earlier position [ 242.248764][ T6111] NILFS (loop5): recovery complete [ 242.276596][ T6114] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6111] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./85/file0") = 0 [pid 5068] getdents64(3, [pid 6113] <... write resumed>) = 2097152 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6112] <... mount resumed>) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./85") = 0 [ 242.341039][ T6112] NILFS (loop1): recovery complete [pid 5068] mkdir("./86", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6116 [pid 6112] chdir("./file0"./strace-static-x86_64: Process 6116 attached ) = 0 [pid 6106] <... sendfile resumed>) = 1048576 [pid 6116] chdir("./86" [pid 6112] ioctl(4, LOOP_CLR_FD [pid 6106] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6116] <... chdir resumed>) = 0 [pid 6113] munmap(0x7fc0314e0000, 2097152 [pid 6112] <... ioctl resumed>) = 0 [pid 6106] <... open resumed>) = -1 EFAULT (Bad address) [pid 6116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6112] close(4 [pid 6106] exit_group(0 [pid 6116] <... prctl resumed>) = 0 [pid 6113] <... munmap resumed>) = 0 [pid 6112] <... close resumed>) = 0 [pid 6106] <... exit_group resumed>) = ? [pid 6116] setpgid(0, 0 [ 242.367267][ T6115] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6112] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6116] <... setpgid resumed>) = 0 [pid 6113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6112] <... open resumed>) = 4 [pid 6106] +++ exited with 0 +++ [pid 6116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6113] <... openat resumed>) = 4 [pid 6112] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6106, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 6116] <... openat resumed>) = 3 [pid 6113] ioctl(4, LOOP_SET_FD, 3 [pid 6112] <... open resumed>) = 5 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6116] write(3, "1000", 4 [pid 5064] <... restart_syscall resumed>) = 0 [pid 6116] <... write resumed>) = 4 [pid 6116] close(3) = 0 [pid 5064] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6116] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6116] <... symlink resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6116] memfd_create("syzkaller", 0 [pid 6113] <... ioctl resumed>) = 0 [pid 6112] ftruncate(5, 33587195 [pid 5064] <... openat resumed>) = 3 [pid 6116] <... memfd_create resumed>) = 3 [pid 6113] close(3 [pid 6112] <... ftruncate resumed>) = 0 [pid 5064] fstat(3, [pid 6116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6113] <... close resumed>) = 0 [pid 6112] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6116] <... mmap resumed>) = 0x7fc0314e0000 [pid 6113] mkdir("./file0", 0777 [pid 5064] getdents64(3, [pid 6113] <... mkdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6113] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./84/binderfs") = 0 [ 242.446355][ T6113] loop2: detected capacity change from 0 to 4096 [pid 5064] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6108] <... sendfile resumed>) = 1048576 [pid 6108] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6108] exit_group(0) = ? [pid 6108] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6108, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [ 242.516052][ T6113] NILFS (loop2): invalid segment: Checksum error in segment payload [ 242.552332][ T6113] NILFS (loop2): trying rollback from an earlier position [pid 5067] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./85/binderfs" [pid 6116] <... write resumed>) = 2097152 [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6116] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6116] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6116] ioctl(4, LOOP_SET_FD, 3 [pid 6113] <... mount resumed>) = 0 [pid 6113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6116] <... ioctl resumed>) = 0 [pid 6113] chdir("./file0" [pid 6116] close(3 [pid 6113] <... chdir resumed>) = 0 [pid 6116] <... close resumed>) = 0 [pid 6113] ioctl(4, LOOP_CLR_FD [pid 5064] <... umount2 resumed>) = 0 [pid 6116] mkdir("./file0", 0777 [pid 6113] <... ioctl resumed>) = 0 [pid 6116] <... mkdir resumed>) = 0 [ 242.628804][ T6113] NILFS (loop2): recovery complete [ 242.647277][ T6116] loop4: detected capacity change from 0 to 4096 [ 242.648145][ T6117] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6113] close(4 [pid 6116] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6113] <... close resumed>) = 0 [pid 6113] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6113] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6113] <... open resumed>) = 5 [pid 6113] ftruncate(5, 33587195) = 0 [pid 6113] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./84/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./84") = 0 [pid 5064] mkdir("./85", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 242.760904][ T6116] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6118 ./strace-static-x86_64: Process 6118 attached [pid 6118] chdir("./85") = 0 [pid 6118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6118] setpgid(0, 0) = 0 [pid 6118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6118] write(3, "1000", 4) = 4 [pid 6118] close(3) = 0 [pid 6118] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6118] memfd_create("syzkaller", 0) = 3 [pid 6118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 242.816364][ T6116] NILFS (loop4): trying rollback from an earlier position [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, [pid 6118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [ 242.911460][ T6116] NILFS (loop4): recovery complete [pid 5067] close(4) = 0 [pid 5067] rmdir("./85/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./85" [pid 6116] <... mount resumed>) = 0 [pid 6116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... rmdir resumed>) = 0 [pid 6116] <... openat resumed>) = 3 [pid 5067] mkdir("./86", 0777 [pid 6116] chdir("./file0") = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 6116] ioctl(4, LOOP_CLR_FD [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6116] <... ioctl resumed>) = 0 [pid 6116] close(4 [pid 5067] <... openat resumed>) = 3 [pid 6116] <... close resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6116] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6116] <... open resumed>) = 4 [pid 5067] close(3 [pid 6118] <... write resumed>) = 2097152 [pid 6116] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... close resumed>) = 0 [pid 6116] <... open resumed>) = 5 [ 242.968654][ T6119] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6116] ftruncate(5, 33587195) = 0 [pid 6116] sendfile(4, 5, NULL, 281474978811909 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6120 ./strace-static-x86_64: Process 6120 attached [pid 6120] chdir("./86" [pid 6118] munmap(0x7fc0314e0000, 2097152 [pid 6120] <... chdir resumed>) = 0 [pid 6118] <... munmap resumed>) = 0 [pid 6120] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6118] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6120] <... prctl resumed>) = 0 [pid 6118] <... openat resumed>) = 4 [pid 6120] setpgid(0, 0 [pid 6118] ioctl(4, LOOP_SET_FD, 3 [pid 6120] <... setpgid resumed>) = 0 [pid 6118] <... ioctl resumed>) = 0 [pid 6120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6120] write(3, "1000", 4) = 4 [pid 6120] close(3) = 0 [pid 6120] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6120] memfd_create("syzkaller", 0) = 3 [pid 6120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6118] close(3) = 0 [pid 6118] mkdir("./file0", 0777) = 0 [ 243.117605][ T6118] loop0: detected capacity change from 0 to 4096 [pid 6118] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 243.196265][ T6118] NILFS (loop0): invalid segment: Checksum error in segment payload [ 243.224158][ T6118] NILFS (loop0): trying rollback from an earlier position [pid 6120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [ 243.303425][ T6118] NILFS (loop0): recovery complete [pid 6120] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6118] <... mount resumed>) = 0 [pid 6118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6118] chdir("./file0") = 0 [pid 6118] ioctl(4, LOOP_CLR_FD) = 0 [pid 6120] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6118] close(4 [pid 6120] <... openat resumed>) = 4 [pid 6118] <... close resumed>) = 0 [pid 6118] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6120] ioctl(4, LOOP_SET_FD, 3 [pid 6118] <... open resumed>) = 4 [pid 6118] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6118] ftruncate(5, 33587195) = 0 [pid 6118] sendfile(4, 5, NULL, 281474978811909 [pid 6120] <... ioctl resumed>) = 0 [pid 6120] close(3) = 0 [pid 6120] mkdir("./file0", 0777) = 0 [ 243.327550][ T6121] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 243.363481][ T6120] loop3: detected capacity change from 0 to 4096 [ 243.400062][ T6120] NILFS (loop3): invalid segment: Checksum error in segment payload [ 243.411728][ T6120] NILFS (loop3): trying rollback from an earlier position [pid 6120] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6111] <... sendfile resumed>) = 1048576 [pid 6111] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6111] exit_group(0) = ? [pid 6111] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6111, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6112] <... sendfile resumed>) = 1048576 [pid 5069] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6112] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6112] <... open resumed>) = -1 EFAULT (Bad address) [ 243.488497][ T6120] NILFS (loop3): recovery complete [pid 5069] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6120] <... mount resumed>) = 0 [pid 6112] exit_group(0 [pid 5069] <... openat resumed>) = 3 [pid 6120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6112] <... exit_group resumed>) = ? [pid 5069] fstat(3, [pid 6120] <... openat resumed>) = 3 [pid 6112] +++ exited with 0 +++ [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6120] chdir("./file0" [pid 5069] getdents64(3, [pid 6120] <... chdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6112, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=29 /* 0.29 s */} --- [pid 6120] ioctl(4, LOOP_CLR_FD [pid 5069] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6120] <... ioctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6120] close(4 [pid 5069] lstat("./86/binderfs", [pid 6120] <... close resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6120] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] unlink("./86/binderfs" [pid 6120] <... open resumed>) = 4 [pid 5069] <... unlink resumed>) = 0 [pid 6120] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6120] <... open resumed>) = 5 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6120] ftruncate(5, 33587195 [pid 5065] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6120] <... ftruncate resumed>) = 0 [pid 6120] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... openat resumed>) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./84/binderfs") = 0 [ 243.518760][ T6122] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6113] <... sendfile resumed>) = 1048576 [pid 6113] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6113] exit_group(0) = ? [pid 6113] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6113, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./85/binderfs") = 0 [pid 5066] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] <... umount2 resumed>) = 0 [pid 5069] getdents64(4, [pid 5065] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./84/file0", [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./86/file0") = 0 [pid 5065] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5069] rmdir("./86" [pid 5065] fstat(4, [pid 5069] <... rmdir resumed>) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] mkdir("./87", 0777 [pid 5065] getdents64(4, [pid 5069] <... mkdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5065] getdents64(4, [pid 5069] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5065] close(4 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... close resumed>) = 0 [pid 5069] close(3 [pid 5065] rmdir("./84/file0" [pid 5069] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./84") = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6123 [pid 5065] mkdir("./85", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6123 attached ) = -1 ENXIO (No such device or address) [pid 6123] chdir("./87" [pid 5065] close(3 [pid 6123] <... chdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6123] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6123] <... prctl resumed>) = 0 [pid 6123] setpgid(0, 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6124 ./strace-static-x86_64: Process 6124 attached [pid 6123] <... setpgid resumed>) = 0 [pid 6116] <... sendfile resumed>) = 1048576 [pid 6124] chdir("./85" [pid 6123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6116] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6123] <... openat resumed>) = 3 [pid 6116] <... open resumed>) = -1 EFAULT (Bad address) [pid 6124] <... chdir resumed>) = 0 [pid 6123] write(3, "1000", 4 [pid 6116] exit_group(0 [pid 6123] <... write resumed>) = 4 [pid 6116] <... exit_group resumed>) = ? [pid 6123] close(3 [pid 6116] +++ exited with 0 +++ [pid 6123] <... close resumed>) = 0 [pid 6123] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6123] memfd_create("syzkaller", 0 [pid 6124] <... prctl resumed>) = 0 [pid 6123] <... memfd_create resumed>) = 3 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6116, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6124] setpgid(0, 0 [pid 6123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6124] <... setpgid resumed>) = 0 [pid 6123] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6124] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 6124] write(3, "1000", 4 [pid 5068] fstat(3, [pid 5066] <... umount2 resumed>) = 0 [pid 6124] <... write resumed>) = 4 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6124] close(3 [pid 5068] getdents64(3, [pid 6124] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6124] symlink("/dev/binderfs", "./binderfs" [pid 5068] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] lstat("./85/file0", [pid 6124] <... symlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6124] memfd_create("syzkaller", 0 [pid 5068] lstat("./86/binderfs", [pid 5066] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6124] <... memfd_create resumed>) = 3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] unlink("./86/binderfs" [pid 5066] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6124] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... unlink resumed>) = 0 [pid 5066] <... openat resumed>) = 4 [pid 5068] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 6123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... close resumed>) = 0 [pid 6124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] rmdir("./85/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./85") = 0 [pid 5066] mkdir("./86", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6125 ./strace-static-x86_64: Process 6125 attached [pid 6125] chdir("./86") = 0 [pid 6125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6125] setpgid(0, 0) = 0 [pid 6125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6125] write(3, "1000", 4) = 4 [pid 6125] close(3) = 0 [pid 6125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6125] memfd_create("syzkaller", 0) = 3 [pid 6125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6123] <... write resumed>) = 2097152 [pid 6124] <... write resumed>) = 2097152 [pid 6123] munmap(0x7fc0314e0000, 2097152 [pid 6124] munmap(0x7fc0314e0000, 2097152 [pid 6123] <... munmap resumed>) = 0 [pid 6123] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6124] <... munmap resumed>) = 0 [pid 6123] <... openat resumed>) = 4 [pid 6124] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6123] ioctl(4, LOOP_SET_FD, 3 [pid 6124] <... openat resumed>) = 4 [pid 6124] ioctl(4, LOOP_SET_FD, 3 [pid 6125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6124] <... ioctl resumed>) = 0 [pid 6123] <... ioctl resumed>) = 0 [pid 6124] close(3 [pid 6123] close(3 [pid 6124] <... close resumed>) = 0 [pid 6123] <... close resumed>) = 0 [pid 6124] mkdir("./file0", 0777 [pid 6123] mkdir("./file0", 0777) = 0 [pid 6124] <... mkdir resumed>) = 0 [ 244.150028][ T6123] loop5: detected capacity change from 0 to 4096 [ 244.157601][ T6124] loop1: detected capacity change from 0 to 4096 [pid 6123] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6124] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6125] <... write resumed>) = 2097152 [ 244.224258][ T6123] NILFS (loop5): invalid segment: Checksum error in segment payload [ 244.230653][ T6124] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5068] lstat("./86/file0", [pid 6125] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6125] <... munmap resumed>) = 0 [pid 5068] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6125] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6125] <... openat resumed>) = 4 [pid 5068] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6125] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... openat resumed>) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./86/file0" [pid 6125] <... ioctl resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 6125] close(3 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 6125] <... close resumed>) = 0 [pid 6125] mkdir("./file0", 0777 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./86") = 0 [pid 5068] mkdir("./87", 0777 [pid 6125] <... mkdir resumed>) = 0 [pid 6125] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 244.264552][ T6124] NILFS (loop1): trying rollback from an earlier position [ 244.278046][ T6123] NILFS (loop5): trying rollback from an earlier position [ 244.290083][ T6125] loop2: detected capacity change from 0 to 4096 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6127 [ 244.337230][ T6124] NILFS (loop1): recovery complete [pid 6124] <... mount resumed>) = 0 [pid 6124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6124] chdir("./file0") = 0 [pid 6124] ioctl(4, LOOP_CLR_FD) = 0 [pid 6124] close(4) = 0 [pid 6124] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6124] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6124] ftruncate(5, 33587195) = 0 ./strace-static-x86_64: Process 6127 attached [ 244.359242][ T6125] NILFS (loop2): invalid segment: Checksum error in segment payload [ 244.368254][ T6126] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 244.383026][ T6125] NILFS (loop2): trying rollback from an earlier position [ 244.386633][ T6123] NILFS (loop5): recovery complete [pid 6124] sendfile(4, 5, NULL, 281474978811909 [pid 6127] chdir("./87" [pid 6123] <... mount resumed>) = 0 [pid 6127] <... chdir resumed>) = 0 [pid 6127] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6127] <... prctl resumed>) = 0 [pid 6123] <... openat resumed>) = 3 [pid 6127] setpgid(0, 0 [pid 6123] chdir("./file0" [pid 6127] <... setpgid resumed>) = 0 [pid 6123] <... chdir resumed>) = 0 [pid 6127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6123] ioctl(4, LOOP_CLR_FD [pid 6127] <... openat resumed>) = 3 [pid 6123] <... ioctl resumed>) = 0 [pid 6127] write(3, "1000", 4 [pid 6123] close(4 [pid 6127] <... write resumed>) = 4 [pid 6123] <... close resumed>) = 0 [ 244.428877][ T6128] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6118] <... sendfile resumed>) = 1048576 [pid 6127] close(3 [pid 6123] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6118] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6127] <... close resumed>) = 0 [pid 6118] <... open resumed>) = -1 EFAULT (Bad address) [pid 6123] <... open resumed>) = 4 [pid 6127] symlink("/dev/binderfs", "./binderfs" [pid 6123] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6118] exit_group(0 [pid 6127] <... symlink resumed>) = 0 [pid 6127] memfd_create("syzkaller", 0 [pid 6123] <... open resumed>) = 5 [pid 6118] <... exit_group resumed>) = ? [pid 6127] <... memfd_create resumed>) = 3 [pid 6123] ftruncate(5, 33587195 [pid 6118] +++ exited with 0 +++ [pid 6127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6123] <... ftruncate resumed>) = 0 [pid 6127] <... mmap resumed>) = 0x7fc0314e0000 [pid 6123] sendfile(4, 5, NULL, 281474978811909 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6118, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./85/binderfs") = 0 [ 244.509633][ T6125] NILFS (loop2): recovery complete [pid 5064] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6125] <... mount resumed>) = 0 [pid 6125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6125] chdir("./file0") = 0 [pid 6125] ioctl(4, LOOP_CLR_FD) = 0 [pid 6125] close(4 [pid 6120] <... sendfile resumed>) = 1048576 [pid 6125] <... close resumed>) = 0 [pid 6120] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6125] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6120] <... open resumed>) = -1 EFAULT (Bad address) [pid 6120] exit_group(0) = ? [pid 6125] <... open resumed>) = 4 [pid 6120] +++ exited with 0 +++ [ 244.593055][ T6129] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6125] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6120, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 6125] <... open resumed>) = 5 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 6125] ftruncate(5, 33587195 [pid 5067] <... restart_syscall resumed>) = 0 [pid 6125] <... ftruncate resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 6127] <... write resumed>) = 2097152 [pid 6125] sendfile(4, 5, NULL, 281474978811909 [pid 6127] munmap(0x7fc0314e0000, 2097152 [pid 5067] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6127] <... munmap resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6127] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] <... openat resumed>) = 3 [pid 5064] lstat("./85/file0", [pid 6127] <... openat resumed>) = 4 [pid 5067] fstat(3, [pid 6127] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, [pid 5064] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6127] <... ioctl resumed>) = 0 [pid 5067] lstat("./86/binderfs", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6127] close(3 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6127] <... close resumed>) = 0 [pid 5067] unlink("./86/binderfs" [pid 5064] <... openat resumed>) = 4 [pid 6127] mkdir("./file0", 0777 [pid 5064] fstat(4, [pid 6127] <... mkdir resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6127] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./85/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./85") = 0 [pid 5064] mkdir("./86", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6130 ./strace-static-x86_64: Process 6130 attached [pid 6130] chdir("./86") = 0 [pid 6130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6130] setpgid(0, 0) = 0 [ 244.710966][ T6127] loop4: detected capacity change from 0 to 4096 [pid 6130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6130] write(3, "1000", 4) = 4 [pid 6130] close(3) = 0 [pid 6130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6130] memfd_create("syzkaller", 0) = 3 [pid 6130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 244.775751][ T6127] NILFS (loop4): invalid segment: Checksum error in segment payload [ 244.783816][ T6127] NILFS (loop4): trying rollback from an earlier position [ 244.861068][ T6127] NILFS (loop4): recovery complete [pid 6130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 6127] <... mount resumed>) = 0 [pid 5067] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6127] chdir("./file0") = 0 [pid 6127] ioctl(4, LOOP_CLR_FD [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6127] <... ioctl resumed>) = 0 [pid 5067] lstat("./86/file0", [pid 6127] close(4 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6127] <... close resumed>) = 0 [pid 6127] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6130] <... write resumed>) = 2097152 [pid 6127] <... open resumed>) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6127] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6127] <... open resumed>) = 5 [pid 5067] <... openat resumed>) = 4 [pid 6127] ftruncate(5, 33587195 [pid 5067] fstat(4, [pid 6127] <... ftruncate resumed>) = 0 [ 244.910128][ T6131] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6127] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./86/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 6130] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./86") = 0 [pid 5067] mkdir("./87", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6130] <... munmap resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 6130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6130] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6130] <... ioctl resumed>) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6130] close(3 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6132 [pid 6130] <... close resumed>) = 0 [pid 6130] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 6132 attached [pid 6130] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6132] chdir("./87") = 0 [ 245.067921][ T6130] loop0: detected capacity change from 0 to 4096 [pid 6132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6132] setpgid(0, 0) = 0 [pid 6132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6132] write(3, "1000", 4) = 4 [pid 6132] close(3) = 0 [pid 6132] symlink("/dev/binderfs", "./binderfs") = 0 [ 245.120126][ T6130] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6132] memfd_create("syzkaller", 0) = 3 [pid 6132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6130] <... mount resumed>) = 0 [pid 6130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6130] chdir("./file0") = 0 [pid 6130] ioctl(4, LOOP_CLR_FD) = 0 [ 245.162406][ T6130] NILFS (loop0): trying rollback from an earlier position [ 245.179035][ T6130] NILFS (loop0): recovery complete [ 245.191436][ T6133] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6130] close(4 [pid 6132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6130] <... close resumed>) = 0 [pid 6130] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6130] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6130] ftruncate(5, 33587195) = 0 [pid 6130] sendfile(4, 5, NULL, 281474978811909 [pid 6132] <... write resumed>) = 2097152 [pid 6132] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6132] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6132] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6132] close(3 [pid 6124] <... sendfile resumed>) = 1048576 [pid 6132] <... close resumed>) = 0 [pid 6124] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6132] mkdir("./file0", 0777) = 0 [pid 6124] <... open resumed>) = -1 EFAULT (Bad address) [pid 6132] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6124] exit_group(0) = ? [pid 6124] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6124, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [ 245.401975][ T6132] loop3: detected capacity change from 0 to 4096 [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6123] <... sendfile resumed>) = 1048576 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./85/binderfs" [pid 6123] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... unlink resumed>) = 0 [pid 5065] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6123] <... open resumed>) = -1 EFAULT (Bad address) [pid 6123] exit_group(0) = ? [pid 6123] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6123, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [ 245.488100][ T6132] NILFS (loop3): invalid segment: Checksum error in segment payload [ 245.496325][ T6132] NILFS (loop3): trying rollback from an earlier position [ 245.526939][ T6132] NILFS (loop3): recovery complete [pid 6132] <... mount resumed>) = 0 [pid 6132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6132] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6132] chdir("./file0" [pid 5069] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6132] <... chdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6132] ioctl(4, LOOP_CLR_FD [pid 5069] fstat(3, [pid 6132] <... ioctl resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6132] close(4 [pid 5069] getdents64(3, [pid 6132] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6132] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./87/binderfs") = 0 [pid 6132] <... open resumed>) = 4 [pid 5069] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6132] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6132] ftruncate(5, 33587195) = 0 [ 245.536362][ T6134] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6132] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, [pid 6125] <... sendfile resumed>) = 1048576 [pid 6125] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6125] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] getdents64(4, [pid 6125] exit_group(0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6125] <... exit_group resumed>) = ? [pid 6125] +++ exited with 0 +++ [pid 5065] close(4 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6125, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./85/file0" [pid 5066] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] getdents64(3, [pid 5066] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(3 [pid 5066] getdents64(3, [pid 5065] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] rmdir("./85" [pid 5066] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5066] lstat("./86/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] mkdir("./86", 0777 [pid 5069] lstat("./87/file0", [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] unlink("./86/binderfs" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... unlink resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] <... openat resumed>) = 4 [pid 5066] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(4, [pid 5065] <... openat resumed>) = 3 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5065] close(3 [pid 5069] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6135 [pid 5069] rmdir("./87/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./87") = 0 [pid 5069] mkdir("./88", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 ./strace-static-x86_64: Process 6135 attached [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 6135] chdir("./86" [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6135] <... chdir resumed>) = 0 [pid 6135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6135] setpgid(0, 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6136 [pid 6135] <... setpgid resumed>) = 0 [pid 6135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6135] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 6136 attached [pid 6135] close(3 [pid 6136] chdir("./88" [pid 6135] <... close resumed>) = 0 [pid 6135] symlink("/dev/binderfs", "./binderfs" [pid 6136] <... chdir resumed>) = 0 [pid 6136] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6135] <... symlink resumed>) = 0 [pid 6136] <... prctl resumed>) = 0 [pid 6135] memfd_create("syzkaller", 0 [pid 6136] setpgid(0, 0 [pid 6135] <... memfd_create resumed>) = 3 [pid 6136] <... setpgid resumed>) = 0 [pid 6135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6135] <... mmap resumed>) = 0x7fc0314e0000 [pid 6136] <... openat resumed>) = 3 [pid 6136] write(3, "1000", 4) = 4 [pid 6136] close(3) = 0 [pid 6136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6136] memfd_create("syzkaller", 0) = 3 [pid 6136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6135] <... write resumed>) = 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 6136] munmap(0x7fc0314e0000, 2097152 [pid 6135] munmap(0x7fc0314e0000, 2097152 [pid 5066] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6136] <... munmap resumed>) = 0 [pid 6135] <... munmap resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6136] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6135] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] lstat("./86/file0", [pid 6136] <... openat resumed>) = 4 [pid 6135] <... openat resumed>) = 4 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6136] ioctl(4, LOOP_SET_FD, 3 [pid 6127] <... sendfile resumed>) = 1048576 [pid 6127] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6127] exit_group(0) = ? [pid 6135] ioctl(4, LOOP_SET_FD, 3 [pid 6127] +++ exited with 0 +++ [pid 5066] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6127, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5066] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] <... openat resumed>) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(4, [pid 6136] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6136] close(3 [pid 5068] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(4, [pid 6136] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6136] mkdir("./file0", 0777 [pid 5068] fstat(3, [pid 5066] close(4 [pid 6136] <... mkdir resumed>) = 0 [pid 6135] <... ioctl resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 6136] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6135] close(3 [pid 5068] getdents64(3, [pid 5066] rmdir("./86/file0" [pid 6135] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [ 246.112593][ T6135] loop1: detected capacity change from 0 to 4096 [ 246.116549][ T6136] loop5: detected capacity change from 0 to 4096 [pid 5066] <... rmdir resumed>) = 0 [pid 6135] mkdir("./file0", 0777 [pid 5068] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(3, [pid 6135] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6135] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] lstat("./87/binderfs", [pid 5066] close(3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 5068] unlink("./87/binderfs" [pid 5066] rmdir("./86" [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... rmdir resumed>) = 0 [pid 5066] mkdir("./87", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 246.161556][ T6136] NILFS (loop5): invalid segment: Checksum error in segment payload [ 246.175758][ T6136] NILFS (loop5): trying rollback from an earlier position [pid 5066] close(3) = 0 [ 246.205736][ T6135] NILFS (loop1): invalid segment: Checksum error in segment payload [ 246.214227][ T6135] NILFS (loop1): trying rollback from an earlier position [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6137 attached [pid 6137] chdir("./87") = 0 [pid 6137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6137] setpgid(0, 0) = 0 [pid 6137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6137] write(3, "1000", 4) = 4 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6137 [pid 6137] close(3) = 0 [pid 6137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6137] memfd_create("syzkaller", 0) = 3 [pid 6137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 246.256334][ T6136] NILFS (loop5): recovery complete [ 246.266913][ T6135] NILFS (loop1): recovery complete [pid 6136] <... mount resumed>) = 0 [pid 6135] <... mount resumed>) = 0 [pid 6136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6136] <... openat resumed>) = 3 [pid 6135] <... openat resumed>) = 3 [pid 6136] chdir("./file0" [pid 6135] chdir("./file0" [pid 6136] <... chdir resumed>) = 0 [pid 6135] <... chdir resumed>) = 0 [pid 6136] ioctl(4, LOOP_CLR_FD [pid 6135] ioctl(4, LOOP_CLR_FD [pid 6136] <... ioctl resumed>) = 0 [pid 6135] <... ioctl resumed>) = 0 [ 246.300621][ T6139] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 246.313123][ T6138] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6136] close(4 [pid 6135] close(4 [pid 6137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6136] <... close resumed>) = 0 [pid 6135] <... close resumed>) = 0 [pid 6130] <... sendfile resumed>) = 1048576 [pid 5068] <... umount2 resumed>) = 0 [pid 6130] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6130] exit_group(0) = ? [pid 6136] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6135] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6130] +++ exited with 0 +++ [pid 5068] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6136] <... open resumed>) = 4 [pid 6135] <... open resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6136] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6135] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] lstat("./87/file0", [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6130, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 6136] <... open resumed>) = 5 [pid 6135] <... open resumed>) = 5 [pid 5064] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6135] ftruncate(5, 33587195 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6135] <... ftruncate resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6136] ftruncate(5, 33587195 [pid 6135] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... openat resumed>) = 3 [pid 6136] <... ftruncate resumed>) = 0 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6136] sendfile(4, 5, NULL, 281474978811909 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6137] <... write resumed>) = 2097152 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./86/binderfs" [pid 6137] munmap(0x7fc0314e0000, 2097152 [pid 5068] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... unlink resumed>) = 0 [pid 6137] <... munmap resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5064] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6137] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] fstat(4, [pid 6137] <... openat resumed>) = 4 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6137] ioctl(4, LOOP_SET_FD, 3 [pid 5068] getdents64(4, [pid 6137] <... ioctl resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 6137] close(3 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6137] <... close resumed>) = 0 [pid 5068] close(4) = 0 [pid 6137] mkdir("./file0", 0777) = 0 [pid 5068] rmdir("./87/file0" [pid 6137] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./87") = 0 [ 246.467161][ T6137] loop2: detected capacity change from 0 to 4096 [pid 5068] mkdir("./88", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6140 ./strace-static-x86_64: Process 6140 attached [pid 6140] chdir("./88") = 0 [pid 6140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6140] setpgid(0, 0) = 0 [pid 6140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6140] write(3, "1000", 4) = 4 [pid 6140] close(3) = 0 [pid 6140] symlink("/dev/binderfs", "./binderfs") = 0 [ 246.536907][ T6137] NILFS (loop2): invalid segment: Checksum error in segment payload [ 246.545007][ T6137] NILFS (loop2): trying rollback from an earlier position [pid 6140] memfd_create("syzkaller", 0) = 3 [pid 6140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6132] <... sendfile resumed>) = 1048576 [pid 6132] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6132] exit_group(0 [pid 5064] <... umount2 resumed>) = 0 [pid 6132] <... exit_group resumed>) = ? [pid 6132] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6132, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} --- [pid 5067] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./87/binderfs") = 0 [pid 5067] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./86/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./86") = 0 [pid 5064] mkdir("./87", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6141 ./strace-static-x86_64: Process 6141 attached [pid 6141] chdir("./87") = 0 [pid 6141] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6141] setpgid(0, 0) = 0 [pid 6140] <... write resumed>) = 2097152 [ 246.741792][ T6137] NILFS (loop2): recovery complete [pid 6141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6141] write(3, "1000", 4) = 4 [pid 6141] close(3) = 0 [pid 6141] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6141] memfd_create("syzkaller", 0 [pid 6140] munmap(0x7fc0314e0000, 2097152 [pid 6141] <... memfd_create resumed>) = 3 [pid 6140] <... munmap resumed>) = 0 [pid 6141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6140] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6137] <... mount resumed>) = 0 [pid 6140] ioctl(4, LOOP_SET_FD, 3 [pid 6137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6137] chdir("./file0") = 0 [pid 6137] ioctl(4, LOOP_CLR_FD [pid 6140] <... ioctl resumed>) = 0 [pid 6137] <... ioctl resumed>) = 0 [pid 6137] close(4) = 0 [pid 6137] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6137] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6140] close(3) = 0 [pid 6140] mkdir("./file0", 0777 [pid 6137] <... open resumed>) = 5 [pid 6137] ftruncate(5, 33587195) = 0 [ 246.781842][ T6142] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 246.808405][ T6140] loop4: detected capacity change from 0 to 4096 [pid 6141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6140] <... mkdir resumed>) = 0 [pid 6137] sendfile(4, 5, NULL, 281474978811909 [pid 6140] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6141] <... write resumed>) = 2097152 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./87/file0") = 0 [ 246.872666][ T6140] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./87") = 0 [pid 5067] mkdir("./88", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6143 ./strace-static-x86_64: Process 6143 attached [pid 6143] chdir("./88" [pid 6141] munmap(0x7fc0314e0000, 2097152 [pid 6143] <... chdir resumed>) = 0 [pid 6141] <... munmap resumed>) = 0 [pid 6143] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6141] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6143] <... prctl resumed>) = 0 [pid 6141] <... openat resumed>) = 4 [pid 6143] setpgid(0, 0 [pid 6141] ioctl(4, LOOP_SET_FD, 3 [pid 6143] <... setpgid resumed>) = 0 [ 246.941897][ T6140] NILFS (loop4): trying rollback from an earlier position [pid 6143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6143] write(3, "1000", 4) = 4 [pid 6143] close(3) = 0 [pid 6143] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6143] memfd_create("syzkaller", 0) = 3 [pid 6143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6141] <... ioctl resumed>) = 0 [pid 6141] close(3) = 0 [pid 6141] mkdir("./file0", 0777) = 0 [ 246.987203][ T6141] loop0: detected capacity change from 0 to 4096 [ 247.026925][ T6140] NILFS (loop4): recovery complete [pid 6141] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6140] <... mount resumed>) = 0 [pid 6140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6140] chdir("./file0") = 0 [pid 6140] ioctl(4, LOOP_CLR_FD) = 0 [pid 6140] close(4) = 0 [pid 6140] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6140] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6140] ftruncate(5, 33587195) = 0 [ 247.057656][ T6141] NILFS (loop0): invalid segment: Checksum error in segment payload [ 247.085621][ T6144] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 247.090479][ T6141] NILFS (loop0): trying rollback from an earlier position [pid 6140] sendfile(4, 5, NULL, 281474978811909 [pid 6143] <... write resumed>) = 2097152 [pid 6143] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6143] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6143] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6143] close(3) = 0 [pid 6143] mkdir("./file0", 0777) = 0 [ 247.179470][ T6141] NILFS (loop0): recovery complete [ 247.186115][ T6143] loop3: detected capacity change from 0 to 4096 [pid 6143] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6141] <... mount resumed>) = 0 [pid 6141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6141] chdir("./file0") = 0 [pid 6141] ioctl(4, LOOP_CLR_FD) = 0 [pid 6141] close(4) = 0 [pid 6141] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6141] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6141] ftruncate(5, 33587195) = 0 [ 247.231917][ T6145] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 247.291605][ T6143] NILFS (loop3): invalid segment: Checksum error in segment payload [ 247.323389][ T6143] NILFS (loop3): trying rollback from an earlier position [ 247.438748][ T6143] NILFS (loop3): recovery complete [pid 6141] sendfile(4, 5, NULL, 281474978811909 [pid 6135] <... sendfile resumed>) = 1048576 [pid 6135] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6143] <... mount resumed>) = 0 [pid 6135] <... open resumed>) = -1 EFAULT (Bad address) [pid 6143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6135] exit_group(0 [pid 6143] <... openat resumed>) = 3 [pid 6135] <... exit_group resumed>) = ? [pid 6143] chdir("./file0") = 0 [pid 6135] +++ exited with 0 +++ [pid 6143] ioctl(4, LOOP_CLR_FD [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6135, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 6143] <... ioctl resumed>) = 0 [pid 6143] close(4) = 0 [pid 5065] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6143] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6143] <... open resumed>) = 4 [pid 5065] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6143] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... openat resumed>) = 3 [pid 6143] <... open resumed>) = 5 [pid 5065] fstat(3, [pid 6143] ftruncate(5, 33587195 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6143] <... ftruncate resumed>) = 0 [pid 5065] getdents64(3, [pid 6143] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./86/binderfs") = 0 [ 247.489785][ T6146] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6136] <... sendfile resumed>) = 1048576 [pid 6136] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6136] exit_group(0) = ? [pid 6136] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6136, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5069] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./88/binderfs") = 0 [pid 5069] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./86/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./86") = 0 [pid 5065] mkdir("./87", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6147 ./strace-static-x86_64: Process 6147 attached [pid 6147] chdir("./87") = 0 [pid 6147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6147] setpgid(0, 0) = 0 [pid 6147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6147] write(3, "1000", 4) = 4 [pid 6147] close(3) = 0 [pid 6147] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6147] memfd_create("syzkaller", 0) = 3 [pid 6147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 6147] <... write resumed>) = 2097152 [pid 5069] rmdir("./88/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./88") = 0 [pid 5069] mkdir("./89", 0777 [pid 6137] <... sendfile resumed>) = 1048576 [pid 5069] <... mkdir resumed>) = 0 [pid 6137] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6137] exit_group(0) = ? [pid 6137] +++ exited with 0 +++ [pid 6147] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6147] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6147] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6137, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 6147] <... ioctl resumed>) = 0 [pid 6147] close(3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6148 [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, [pid 6147] <... close resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./87/binderfs", [pid 6147] mkdir("./file0", 0777 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./87/binderfs" [pid 6147] <... mkdir resumed>) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6147] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6148 attached [ 248.024984][ T6147] loop1: detected capacity change from 0 to 4096 [pid 6148] chdir("./89") = 0 [pid 6148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6148] setpgid(0, 0) = 0 [pid 6148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6148] write(3, "1000", 4) = 4 [pid 6148] close(3) = 0 [pid 6148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6148] memfd_create("syzkaller", 0) = 3 [pid 6148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 248.099911][ T6147] NILFS (loop1): invalid segment: Checksum error in segment payload [ 248.146551][ T6147] NILFS (loop1): trying rollback from an earlier position [pid 6148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 248.246099][ T6147] NILFS (loop1): recovery complete [pid 6148] <... write resumed>) = 2097152 [pid 5066] getdents64(4, [pid 6147] <... mount resumed>) = 0 [pid 6147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6148] munmap(0x7fc0314e0000, 2097152 [pid 6147] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6148] <... munmap resumed>) = 0 [pid 6147] chdir("./file0" [pid 6141] <... sendfile resumed>) = 1048576 [pid 5066] getdents64(4, [pid 6148] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6147] <... chdir resumed>) = 0 [pid 6141] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6148] <... openat resumed>) = 4 [pid 6147] ioctl(4, LOOP_CLR_FD [pid 6141] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] close(4 [pid 6148] ioctl(4, LOOP_SET_FD, 3 [pid 6147] <... ioctl resumed>) = 0 [pid 6141] exit_group(0 [pid 5066] <... close resumed>) = 0 [pid 6147] close(4 [pid 6141] <... exit_group resumed>) = ? [pid 5066] rmdir("./87/file0" [pid 6148] <... ioctl resumed>) = 0 [pid 6147] <... close resumed>) = 0 [pid 6141] +++ exited with 0 +++ [pid 6140] <... sendfile resumed>) = 1048576 [pid 5066] <... rmdir resumed>) = 0 [pid 6148] close(3 [pid 6147] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6140] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] getdents64(3, [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6141, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6148] <... close resumed>) = 0 [pid 6140] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6148] mkdir("./file0", 0777 [pid 6147] <... open resumed>) = 4 [pid 6140] exit_group(0 [pid 5066] close(3 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6148] <... mkdir resumed>) = 0 [pid 6147] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6140] <... exit_group resumed>) = ? [pid 5066] <... close resumed>) = 0 [pid 5064] <... restart_syscall resumed>) = 0 [pid 6148] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6147] <... open resumed>) = 5 [pid 5066] rmdir("./87" [pid 6147] ftruncate(5, 33587195 [pid 6140] +++ exited with 0 +++ [pid 5066] <... rmdir resumed>) = 0 [pid 6147] <... ftruncate resumed>) = 0 [pid 5066] mkdir("./88", 0777 [pid 6147] sendfile(4, 5, NULL, 281474978811909 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6140, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- [pid 5066] <... mkdir resumed>) = 0 [ 248.285007][ T6149] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 248.320814][ T6148] loop5: detected capacity change from 0 to 4096 [pid 5064] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5068] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] close(3 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... close resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] fstat(3, [pid 5064] fstat(3, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6150 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 5064] getdents64(3, [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] lstat("./88/binderfs", ./strace-static-x86_64: Process 6150 attached {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] unlink("./88/binderfs" [pid 5064] lstat("./87/binderfs", [pid 6150] chdir("./88" [pid 5068] <... unlink resumed>) = 0 [pid 6150] <... chdir resumed>) = 0 [pid 5068] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6150] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] unlink("./87/binderfs") = 0 [pid 6150] <... prctl resumed>) = 0 [pid 5064] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6150] setpgid(0, 0) = 0 [pid 6150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6150] write(3, "1000", 4) = 4 [pid 6150] close(3) = 0 [pid 6150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6150] memfd_create("syzkaller", 0) = 3 [pid 6150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 248.387233][ T6148] NILFS (loop5): invalid segment: Checksum error in segment payload [ 248.423566][ T6148] NILFS (loop5): trying rollback from an earlier position [pid 6143] <... sendfile resumed>) = 1048576 [pid 6143] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6143] exit_group(0) = ? [pid 6143] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6143, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 6150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./88/binderfs") = 0 [ 248.488299][ T6148] NILFS (loop5): recovery complete [pid 5067] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6148] <... mount resumed>) = 0 [pid 6148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6148] chdir("./file0") = 0 [pid 6148] ioctl(4, LOOP_CLR_FD) = 0 [pid 6148] close(4) = 0 [pid 6148] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6148] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6148] ftruncate(5, 33587195) = 0 [ 248.527771][ T6151] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6148] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6150] <... write resumed>) = 2097152 [pid 5068] <... umount2 resumed>) = 0 [pid 5064] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./88/file0", [pid 5064] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] fstat(4, [pid 5068] <... openat resumed>) = 4 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] fstat(4, [pid 5064] getdents64(4, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5064] getdents64(4, [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(4, [pid 5064] close(4 [pid 6150] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5068] close(4 [pid 5067] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] rmdir("./87/file0" [pid 5068] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... rmdir resumed>) = 0 [pid 5068] rmdir("./88/file0" [pid 5067] lstat("./88/file0", [pid 5064] getdents64(3, [pid 5068] <... rmdir resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(3, [pid 5067] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] close(3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... close resumed>) = 0 [pid 5068] close(3 [pid 5067] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] rmdir("./87" [pid 5068] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] rmdir("./88" [pid 5067] fstat(4, [pid 5064] mkdir("./88", 0777 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5068] mkdir("./89", 0777 [pid 5067] getdents64(4, [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] <... mkdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] getdents64(4, [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6150] <... munmap resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6150] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5067] close(4 [pid 5064] close(3 [pid 6150] <... openat resumed>) = 4 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6150] ioctl(4, LOOP_SET_FD, 3 [pid 5068] close(3 [pid 5067] rmdir("./88/file0" [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... close resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] getdents64(3, [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6152 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6153 [pid 5067] close(3) = 0 [pid 5067] rmdir("./88") = 0 [pid 5067] mkdir("./89", 0777./strace-static-x86_64: Process 6152 attached ) = 0 ./strace-static-x86_64: Process 6153 attached [pid 6152] chdir("./88" [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6153] chdir("./89" [pid 6152] <... chdir resumed>) = 0 [pid 6150] <... ioctl resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 6153] <... chdir resumed>) = 0 [pid 6152] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6153] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6152] <... prctl resumed>) = 0 [pid 6150] close(3 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6153] <... prctl resumed>) = 0 [pid 6152] setpgid(0, 0 [pid 6150] <... close resumed>) = 0 [pid 5067] close(3 [pid 6153] setpgid(0, 0 [pid 6152] <... setpgid resumed>) = 0 [pid 6150] mkdir("./file0", 0777 [pid 5067] <... close resumed>) = 0 [pid 6153] <... setpgid resumed>) = 0 [pid 6152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6152] <... openat resumed>) = 3 [pid 6150] <... mkdir resumed>) = 0 [pid 6153] <... openat resumed>) = 3 [pid 6152] write(3, "1000", 4 [pid 6150] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6154 [pid 6153] write(3, "1000", 4 [pid 6152] <... write resumed>) = 4 [pid 6153] <... write resumed>) = 4 [pid 6152] close(3 [pid 6153] close(3 [pid 6152] <... close resumed>) = 0 ./strace-static-x86_64: Process 6154 attached [pid 6153] <... close resumed>) = 0 [pid 6152] symlink("/dev/binderfs", "./binderfs" [pid 6154] chdir("./89" [pid 6153] symlink("/dev/binderfs", "./binderfs" [pid 6152] <... symlink resumed>) = 0 [pid 6154] <... chdir resumed>) = 0 [pid 6153] <... symlink resumed>) = 0 [pid 6152] memfd_create("syzkaller", 0 [pid 6154] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6153] memfd_create("syzkaller", 0 [pid 6152] <... memfd_create resumed>) = 3 [pid 6154] <... prctl resumed>) = 0 [pid 6153] <... memfd_create resumed>) = 3 [pid 6152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6154] setpgid(0, 0 [pid 6153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6152] <... mmap resumed>) = 0x7fc0314e0000 [ 248.694220][ T6150] loop2: detected capacity change from 0 to 4096 [pid 6154] <... setpgid resumed>) = 0 [pid 6153] <... mmap resumed>) = 0x7fc0314e0000 [pid 6154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6154] write(3, "1000", 4) = 4 [pid 6154] close(3) = 0 [pid 6154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6154] memfd_create("syzkaller", 0) = 3 [pid 6154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 248.797206][ T6150] NILFS (loop2): invalid segment: Checksum error in segment payload [ 248.807791][ T6150] NILFS (loop2): trying rollback from an earlier position [pid 6152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 248.869298][ T6150] NILFS (loop2): recovery complete [pid 6154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6150] <... mount resumed>) = 0 [pid 6154] <... write resumed>) = 2097152 [pid 6153] <... write resumed>) = 2097152 [pid 6152] <... write resumed>) = 2097152 [pid 6150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6152] munmap(0x7fc0314e0000, 2097152 [pid 6150] <... openat resumed>) = 3 [pid 6150] chdir("./file0" [pid 6152] <... munmap resumed>) = 0 [pid 6150] <... chdir resumed>) = 0 [pid 6153] munmap(0x7fc0314e0000, 2097152 [pid 6152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6150] ioctl(4, LOOP_CLR_FD [pid 6153] <... munmap resumed>) = 0 [pid 6152] ioctl(4, LOOP_SET_FD, 3 [pid 6153] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6150] <... ioctl resumed>) = 0 [pid 6153] <... openat resumed>) = 4 [pid 6150] close(4 [pid 6154] munmap(0x7fc0314e0000, 2097152 [pid 6153] ioctl(4, LOOP_SET_FD, 3 [pid 6152] <... ioctl resumed>) = 0 [pid 6150] <... close resumed>) = 0 [pid 6154] <... munmap resumed>) = 0 [ 248.910750][ T6155] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 248.943817][ T6152] loop0: detected capacity change from 0 to 4096 [pid 6150] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6154] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6153] <... ioctl resumed>) = 0 [pid 6152] close(3 [pid 6150] <... open resumed>) = 4 [pid 6154] <... openat resumed>) = 4 [pid 6153] close(3 [pid 6152] <... close resumed>) = 0 [pid 6150] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6154] ioctl(4, LOOP_SET_FD, 3 [pid 6153] <... close resumed>) = 0 [pid 6152] mkdir("./file0", 0777 [pid 6150] <... open resumed>) = 5 [pid 6154] <... ioctl resumed>) = 0 [pid 6153] mkdir("./file0", 0777 [pid 6152] <... mkdir resumed>) = 0 [pid 6150] ftruncate(5, 33587195 [pid 6154] close(3 [pid 6153] <... mkdir resumed>) = 0 [pid 6152] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6150] <... ftruncate resumed>) = 0 [ 248.966900][ T6153] loop4: detected capacity change from 0 to 4096 [ 249.001001][ T6154] loop3: detected capacity change from 0 to 4096 [pid 6154] <... close resumed>) = 0 [pid 6153] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6150] sendfile(4, 5, NULL, 281474978811909 [pid 6154] mkdir("./file0", 0777) = 0 [ 249.038025][ T6152] NILFS (loop0): invalid segment: Checksum error in segment payload [ 249.079058][ T6152] NILFS (loop0): trying rollback from an earlier position [ 249.086644][ T6153] NILFS (loop4): invalid segment: Checksum error in segment payload [ 249.098650][ T6153] NILFS (loop4): trying rollback from an earlier position [ 249.109665][ T6154] NILFS (loop3): invalid segment: Checksum error in segment payload [ 249.144926][ T6154] NILFS (loop3): trying rollback from an earlier position [ 249.156997][ T6152] NILFS (loop0): recovery complete [ 249.163786][ T6153] NILFS (loop4): recovery complete [pid 6154] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6153] <... mount resumed>) = 0 [pid 6153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6152] <... mount resumed>) = 0 [pid 6153] <... openat resumed>) = 3 [pid 6152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6153] chdir("./file0" [pid 6152] <... openat resumed>) = 3 [pid 6154] <... mount resumed>) = 0 [pid 6152] chdir("./file0") = 0 [pid 6152] ioctl(4, LOOP_CLR_FD) = 0 [pid 6152] close(4 [pid 6153] <... chdir resumed>) = 0 [ 249.190125][ T6156] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 249.191750][ T6157] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 249.217668][ T6154] NILFS (loop3): recovery complete [pid 6152] <... close resumed>) = 0 [pid 6152] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6153] ioctl(4, LOOP_CLR_FD [pid 6152] <... open resumed>) = 4 [pid 6154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6153] <... ioctl resumed>) = 0 [pid 6152] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6154] <... openat resumed>) = 3 [pid 6153] close(4 [pid 6152] <... open resumed>) = 5 [pid 6154] chdir("./file0" [pid 6153] <... close resumed>) = 0 [pid 6152] ftruncate(5, 33587195 [pid 6154] <... chdir resumed>) = 0 [pid 6153] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6152] <... ftruncate resumed>) = 0 [pid 6154] ioctl(4, LOOP_CLR_FD [pid 6152] sendfile(4, 5, NULL, 281474978811909 [pid 6154] <... ioctl resumed>) = 0 [pid 6153] <... open resumed>) = 4 [pid 6154] close(4 [pid 6153] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6154] <... close resumed>) = 0 [pid 6153] <... open resumed>) = 5 [ 249.237704][ T6158] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6154] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6153] ftruncate(5, 33587195) = 0 [pid 6154] <... open resumed>) = 4 [pid 6153] sendfile(4, 5, NULL, 281474978811909 [pid 6154] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6154] ftruncate(5, 33587195) = 0 [pid 6154] sendfile(4, 5, NULL, 281474978811909 [pid 6147] <... sendfile resumed>) = 1048576 [pid 6147] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6147] exit_group(0) = ? [pid 6147] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6147, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5065] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./87/binderfs") = 0 [ 249.477720][ T6158] NILFS (loop3): nilfs_direct_assign (ino=6): invalid key: 130 [ 249.502746][ T6158] NILFS error (device loop3): nilfs_bmap_assign: broken bmap (inode number=6) [pid 5065] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6154] <... sendfile resumed>) = 65536 [pid 6154] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6154] exit_group(0) = ? [pid 6154] +++ exited with 0 +++ [pid 6148] <... sendfile resumed>) = 1048576 [pid 6148] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6154, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 6148] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 6148] exit_group(0 [pid 5067] <... restart_syscall resumed>) = 0 [pid 6148] <... exit_group resumed>) = ? [pid 6148] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6148, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5069] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, [pid 5067] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(3, [pid 5067] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 249.551985][ T6158] Remounting filesystem read-only [pid 5067] fstat(3, [pid 5069] lstat("./89/binderfs", [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./89/binderfs" [pid 5067] getdents64(3, [pid 5069] <... unlink resumed>) = 0 [pid 5069] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./89/binderfs") = 0 [pid 5067] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, [pid 5067] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5065] getdents64(4, [pid 5069] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(4, [pid 5069] lstat("./89/file0", [pid 5067] lstat("./89/file0", [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(4 [pid 5069] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./87/file0" [pid 5069] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5069] fstat(4, [pid 5065] getdents64(3, [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(4, [pid 5065] close(3 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] <... close resumed>) = 0 [pid 5069] getdents64(4, [pid 5065] rmdir("./87" [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5069] close(4 [pid 5065] mkdir("./88", 0777 [pid 5069] <... close resumed>) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5069] rmdir("./89/file0" [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] <... rmdir resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5069] getdents64(3, [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 5065] close(3 [pid 5069] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5069] rmdir("./89" [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... rmdir resumed>) = 0 [pid 5069] mkdir("./90", 0777 [pid 5067] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6159 [pid 5069] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6160 ./strace-static-x86_64: Process 6159 attached [pid 6159] chdir("./88") = 0 [pid 6159] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6160 attached [pid 6159] <... prctl resumed>) = 0 [pid 6160] chdir("./90" [pid 6159] setpgid(0, 0 [pid 5067] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6160] <... chdir resumed>) = 0 [pid 6159] <... setpgid resumed>) = 0 [pid 6160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... openat resumed>) = 4 [pid 6160] <... prctl resumed>) = 0 [pid 6159] <... openat resumed>) = 3 [pid 5067] fstat(4, [pid 6160] setpgid(0, 0 [pid 6159] write(3, "1000", 4 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6160] <... setpgid resumed>) = 0 [pid 6159] <... write resumed>) = 4 [pid 5067] getdents64(4, [pid 6160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6159] close(3 [pid 6160] <... openat resumed>) = 3 [pid 6159] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6160] write(3, "1000", 4 [pid 6159] symlink("/dev/binderfs", "./binderfs" [pid 5067] getdents64(4, [pid 6160] <... write resumed>) = 4 [pid 6159] <... symlink resumed>) = 0 [pid 6160] close(3 [pid 6159] memfd_create("syzkaller", 0 [pid 6160] <... close resumed>) = 0 [pid 6159] <... memfd_create resumed>) = 3 [pid 6160] symlink("/dev/binderfs", "./binderfs" [pid 6159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6160] <... symlink resumed>) = 0 [pid 6159] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] close(4 [pid 6160] memfd_create("syzkaller", 0 [pid 5067] <... close resumed>) = 0 [pid 6160] <... memfd_create resumed>) = 3 [pid 5067] rmdir("./89/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 6160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] rmdir("./89" [pid 6160] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] mkdir("./90", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6161 ./strace-static-x86_64: Process 6161 attached [pid 6161] chdir("./90" [pid 6159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6161] <... chdir resumed>) = 0 [pid 6160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6161] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6161] setpgid(0, 0) = 0 [pid 6161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6161] write(3, "1000", 4) = 4 [pid 6161] close(3) = 0 [pid 6161] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6161] memfd_create("syzkaller", 0) = 3 [pid 6161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6159] <... write resumed>) = 2097152 [pid 6159] munmap(0x7fc0314e0000, 2097152 [pid 6160] <... write resumed>) = 2097152 [pid 6159] <... munmap resumed>) = 0 [pid 6160] munmap(0x7fc0314e0000, 2097152 [pid 6159] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6150] <... sendfile resumed>) = 1048576 [pid 6160] <... munmap resumed>) = 0 [pid 6159] <... openat resumed>) = 4 [pid 6150] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6160] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6159] ioctl(4, LOOP_SET_FD, 3 [pid 6150] <... open resumed>) = -1 EFAULT (Bad address) [pid 6160] <... openat resumed>) = 4 [pid 6150] exit_group(0 [pid 6160] ioctl(4, LOOP_SET_FD, 3 [pid 6159] <... ioctl resumed>) = 0 [pid 6150] <... exit_group resumed>) = ? [pid 6159] close(3 [pid 6150] +++ exited with 0 +++ [pid 6159] <... close resumed>) = 0 [pid 6160] <... ioctl resumed>) = 0 [pid 6159] mkdir("./file0", 0777 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6150, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6160] close(3 [pid 6159] <... mkdir resumed>) = 0 [pid 6160] <... close resumed>) = 0 [pid 6159] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6160] mkdir("./file0", 0777) = 0 [pid 5066] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6160] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./88/binderfs") = 0 [pid 6161] <... write resumed>) = 2097152 [ 250.063902][ T6159] loop1: detected capacity change from 0 to 4096 [ 250.072098][ T6160] loop5: detected capacity change from 0 to 4096 [pid 5066] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6161] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6161] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6161] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6161] close(3) = 0 [pid 6161] mkdir("./file0", 0777) = 0 [ 250.129183][ T6159] NILFS (loop1): invalid segment: Checksum error in segment payload [ 250.147794][ T6161] loop3: detected capacity change from 0 to 4096 [ 250.156847][ T6160] NILFS (loop5): invalid segment: Checksum error in segment payload [ 250.165014][ T6160] NILFS (loop5): trying rollback from an earlier position [pid 6161] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... umount2 resumed>) = 0 [ 250.190913][ T6159] NILFS (loop1): trying rollback from an earlier position [ 250.217637][ T6160] NILFS (loop5): recovery complete [pid 5066] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6160] <... mount resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] lstat("./88/file0", [pid 6160] <... openat resumed>) = 3 [pid 6159] <... mount resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6160] chdir("./file0" [pid 6159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6160] <... chdir resumed>) = 0 [pid 6159] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6160] ioctl(4, LOOP_CLR_FD [pid 6159] chdir("./file0" [pid 5066] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6160] <... ioctl resumed>) = 0 [pid 6159] <... chdir resumed>) = 0 [ 250.253347][ T6162] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 250.264140][ T6159] NILFS (loop1): recovery complete [ 250.266450][ T6161] NILFS (loop3): invalid segment: Checksum error in segment payload [ 250.279998][ T6163] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6160] close(4 [pid 6159] ioctl(4, LOOP_CLR_FD [pid 5066] <... openat resumed>) = 4 [pid 6160] <... close resumed>) = 0 [pid 6159] <... ioctl resumed>) = 0 [pid 5066] fstat(4, [pid 6160] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6159] close(4 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6159] <... close resumed>) = 0 [pid 5066] getdents64(4, [pid 6159] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./88/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./88") = 0 [pid 5066] mkdir("./89", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6164 [pid 6160] <... open resumed>) = 4 [pid 6159] <... open resumed>) = 4 [pid 6160] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6159] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6160] <... open resumed>) = 5 [pid 6159] <... open resumed>) = 5 [pid 6160] ftruncate(5, 33587195 [pid 6159] ftruncate(5, 33587195 [pid 6160] <... ftruncate resumed>) = 0 [pid 6159] <... ftruncate resumed>) = 0 [pid 6161] <... mount resumed>) = 0 [ 250.304741][ T6161] NILFS (loop3): trying rollback from an earlier position [ 250.340427][ T6161] NILFS (loop3): recovery complete [pid 6160] sendfile(4, 5, NULL, 281474978811909 [pid 6159] sendfile(4, 5, NULL, 281474978811909 [pid 6161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6161] chdir("./file0"./strace-static-x86_64: Process 6164 attached ) = 0 [pid 6164] chdir("./89" [pid 6161] ioctl(4, LOOP_CLR_FD [pid 6152] <... sendfile resumed>) = 1048576 [pid 6164] <... chdir resumed>) = 0 [pid 6161] <... ioctl resumed>) = 0 [pid 6164] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6161] close(4 [pid 6164] <... prctl resumed>) = 0 [ 250.359233][ T6165] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6161] <... close resumed>) = 0 [pid 6152] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6164] setpgid(0, 0 [pid 6161] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6164] <... setpgid resumed>) = 0 [pid 6161] <... open resumed>) = 4 [pid 6152] <... open resumed>) = -1 EFAULT (Bad address) [pid 6164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6161] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6152] exit_group(0 [pid 6164] <... openat resumed>) = 3 [pid 6161] <... open resumed>) = 5 [pid 6152] <... exit_group resumed>) = ? [pid 6164] write(3, "1000", 4 [pid 6161] ftruncate(5, 33587195 [pid 6164] <... write resumed>) = 4 [pid 6161] <... ftruncate resumed>) = 0 [pid 6164] close(3 [pid 6161] sendfile(4, 5, NULL, 281474978811909 [pid 6164] <... close resumed>) = 0 [pid 6152] +++ exited with 0 +++ [pid 6164] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6152, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6164] memfd_create("syzkaller", 0 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6164] <... memfd_create resumed>) = 3 [pid 5064] <... restart_syscall resumed>) = 0 [pid 6164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5064] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] getdents64(3, [pid 6153] <... sendfile resumed>) = 1048576 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6153] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6153] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] lstat("./88/binderfs", [pid 6153] exit_group(0) = ? [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./88/binderfs") = 0 [pid 5064] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6153] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6153, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5068] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./89/binderfs") = 0 [pid 5068] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6164] <... write resumed>) = 2097152 [pid 6164] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6164] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6164] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6164] close(3) = 0 [pid 6164] mkdir("./file0", 0777) = 0 [ 250.638259][ T6164] loop2: detected capacity change from 0 to 4096 [ 250.710338][ T6164] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6164] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... openat resumed>) = 4 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] fstat(4, [pid 5068] close(4) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] rmdir("./89/file0" [pid 5064] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5064] getdents64(4, [pid 5068] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] rmdir("./89") = 0 [ 250.776735][ T6164] NILFS (loop2): trying rollback from an earlier position [pid 5064] close(4 [pid 5068] mkdir("./90", 0777) = 0 [pid 5064] <... close resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] rmdir("./88/file0" [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] <... rmdir resumed>) = 0 [pid 5068] close(3) = 0 [pid 5064] getdents64(3, [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6166 [pid 5064] close(3) = 0 [pid 5064] rmdir("./88"./strace-static-x86_64: Process 6166 attached ) = 0 [pid 6166] chdir("./90") = 0 [pid 5064] mkdir("./89", 0777 [pid 6166] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... mkdir resumed>) = 0 [pid 6166] <... prctl resumed>) = 0 [ 250.853920][ T6164] NILFS (loop2): recovery complete [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6166] setpgid(0, 0) = 0 [pid 6164] <... mount resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 6166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6164] chdir("./file0") = 0 [pid 6164] ioctl(4, LOOP_CLR_FD) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6164] close(4 [pid 6166] <... openat resumed>) = 3 [pid 6164] <... close resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6166] write(3, "1000", 4 [pid 6164] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6166] <... write resumed>) = 4 [pid 6164] <... open resumed>) = 4 [pid 5064] close(3 [pid 6166] close(3 [pid 6164] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6166] <... close resumed>) = 0 [pid 6164] <... open resumed>) = 5 [pid 5064] <... close resumed>) = 0 [pid 6166] symlink("/dev/binderfs", "./binderfs" [pid 6164] ftruncate(5, 33587195 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6166] <... symlink resumed>) = 0 [pid 6164] <... ftruncate resumed>) = 0 [pid 6164] sendfile(4, 5, NULL, 281474978811909 [pid 6166] memfd_create("syzkaller", 0) = 3 [ 250.903697][ T6167] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6168 [pid 6166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 6168 attached [pid 6168] chdir("./89") = 0 [pid 6168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6168] setpgid(0, 0 [pid 6166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6168] <... setpgid resumed>) = 0 [pid 6168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6168] write(3, "1000", 4) = 4 [pid 6168] close(3) = 0 [pid 6168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6168] memfd_create("syzkaller", 0) = 3 [pid 6168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6166] <... write resumed>) = 2097152 [pid 6166] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6166] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6166] ioctl(4, LOOP_SET_FD, 3 [pid 6168] <... write resumed>) = 2097152 [pid 6166] <... ioctl resumed>) = 0 [pid 6166] close(3) = 0 [pid 6166] mkdir("./file0", 0777) = 0 [pid 6166] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6168] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 251.181343][ T6166] loop4: detected capacity change from 0 to 4096 [ 251.213759][ T6168] loop0: detected capacity change from 0 to 4096 [pid 6168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6168] close(3) = 0 [pid 6168] mkdir("./file0", 0777) = 0 [ 251.250070][ T6166] NILFS (loop4): invalid segment: Checksum error in segment payload [ 251.304051][ T6166] NILFS (loop4): trying rollback from an earlier position [ 251.331014][ T6168] NILFS (loop0): invalid segment: Checksum error in segment payload [ 251.349655][ T6168] NILFS (loop0): trying rollback from an earlier position [ 251.365429][ T6166] NILFS (loop4): recovery complete [pid 6168] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6166] <... mount resumed>) = 0 [pid 6166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6166] chdir("./file0") = 0 [pid 6166] ioctl(4, LOOP_CLR_FD) = 0 [pid 6166] close(4) = 0 [pid 6159] <... sendfile resumed>) = 1048576 [pid 6159] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6166] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6166] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6159] <... open resumed>) = -1 EFAULT (Bad address) [ 251.415674][ T6168] NILFS (loop0): recovery complete [ 251.423130][ T6169] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6168] <... mount resumed>) = 0 [pid 6166] ftruncate(5, 33587195 [pid 6160] <... sendfile resumed>) = 1048576 [pid 6159] exit_group(0 [pid 6168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6160] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6168] <... openat resumed>) = 3 [pid 6160] <... open resumed>) = -1 EFAULT (Bad address) [pid 6168] chdir("./file0" [pid 6160] exit_group(0 [pid 6168] <... chdir resumed>) = 0 [pid 6166] <... ftruncate resumed>) = 0 [pid 6160] <... exit_group resumed>) = ? [pid 6159] <... exit_group resumed>) = ? [pid 6168] ioctl(4, LOOP_CLR_FD [pid 6160] +++ exited with 0 +++ [pid 6168] <... ioctl resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6160, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 6159] +++ exited with 0 +++ [pid 6168] close(4 [pid 6166] sendfile(4, 5, NULL, 281474978811909 [pid 6168] <... close resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6159, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 6168] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6161] <... sendfile resumed>) = 1048576 [pid 5069] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6168] <... open resumed>) = 4 [pid 6161] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6168] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6161] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6168] <... open resumed>) = 5 [pid 6161] exit_group(0 [pid 5069] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 3 [pid 6168] ftruncate(5, 33587195 [pid 6161] <... exit_group resumed>) = ? [pid 5069] fstat(3, [pid 5065] fstat(3, [pid 6168] <... ftruncate resumed>) = 0 [pid 6161] +++ exited with 0 +++ [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6168] sendfile(4, 5, NULL, 281474978811909 [pid 5069] getdents64(3, [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6161, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [ 251.457308][ T6170] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] getdents64(3, [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... restart_syscall resumed>) = 0 [pid 5065] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./90/binderfs", [pid 5065] lstat("./88/binderfs", [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./90/binderfs" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] unlink("./88/binderfs" [pid 5069] <... unlink resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... unlink resumed>) = 0 [pid 5069] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... openat resumed>) = 3 [pid 5065] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./90/binderfs") = 0 [pid 5067] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] close(4) = 0 [pid 5067] lstat("./90/file0", [pid 5069] rmdir("./90/file0") = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, [pid 5067] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./90" [pid 5067] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 5069] mkdir("./91", 0777 [pid 5067] <... openat resumed>) = 4 [pid 5069] <... mkdir resumed>) = 0 [pid 5067] fstat(4, [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] getdents64(4, [pid 5069] close(3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] getdents64(4, [pid 5065] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6171 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./88/file0", [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] close(4 [pid 5065] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6171 attached [pid 5067] <... close resumed>) = 0 [pid 6171] chdir("./91" [pid 5067] rmdir("./90/file0" [pid 5065] <... openat resumed>) = 4 [pid 6171] <... chdir resumed>) = 0 [pid 5065] fstat(4, [pid 6171] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6171] <... prctl resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] getdents64(4, [pid 6171] setpgid(0, 0 [pid 5067] getdents64(3, [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6171] <... setpgid resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] getdents64(4, [pid 6171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] close(3 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6171] <... openat resumed>) = 3 [pid 5067] <... close resumed>) = 0 [pid 5065] close(4 [pid 6171] write(3, "1000", 4 [pid 5067] rmdir("./90" [pid 5065] <... close resumed>) = 0 [pid 6171] <... write resumed>) = 4 [pid 5065] rmdir("./88/file0" [pid 6171] close(3 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 6171] <... close resumed>) = 0 [pid 5067] mkdir("./91", 0777 [pid 5065] getdents64(3, [pid 6171] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6171] <... symlink resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] close(3 [pid 6171] memfd_create("syzkaller", 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... close resumed>) = 0 [pid 6171] <... memfd_create resumed>) = 3 [pid 5067] <... openat resumed>) = 3 [pid 5065] rmdir("./88" [pid 6171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] <... rmdir resumed>) = 0 [pid 6171] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] mkdir("./89", 0777 [pid 5067] close(3 [pid 5065] <... mkdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... openat resumed>) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6172 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6173 ./strace-static-x86_64: Process 6172 attached ./strace-static-x86_64: Process 6173 attached [pid 6173] chdir("./89" [pid 6172] chdir("./91" [pid 6173] <... chdir resumed>) = 0 [pid 6172] <... chdir resumed>) = 0 [pid 6173] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6172] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6173] <... prctl resumed>) = 0 [pid 6172] <... prctl resumed>) = 0 [pid 6173] setpgid(0, 0 [pid 6172] setpgid(0, 0 [pid 6173] <... setpgid resumed>) = 0 [pid 6172] <... setpgid resumed>) = 0 [pid 6173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6173] <... openat resumed>) = 3 [pid 6172] <... openat resumed>) = 3 [pid 6171] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6173] write(3, "1000", 4 [pid 6172] write(3, "1000", 4 [pid 6173] <... write resumed>) = 4 [pid 6172] <... write resumed>) = 4 [pid 6173] close(3 [pid 6172] close(3 [pid 6173] <... close resumed>) = 0 [pid 6172] <... close resumed>) = 0 [pid 6173] symlink("/dev/binderfs", "./binderfs" [pid 6172] symlink("/dev/binderfs", "./binderfs" [pid 6173] <... symlink resumed>) = 0 [pid 6172] <... symlink resumed>) = 0 [pid 6173] memfd_create("syzkaller", 0 [pid 6172] memfd_create("syzkaller", 0 [pid 6173] <... memfd_create resumed>) = 3 [pid 6172] <... memfd_create resumed>) = 3 [pid 6173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6173] <... mmap resumed>) = 0x7fc0314e0000 [pid 6172] <... mmap resumed>) = 0x7fc0314e0000 [pid 6173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6164] <... sendfile resumed>) = 1048576 [pid 6164] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6164] exit_group(0) = ? [pid 6164] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6164, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6171] <... write resumed>) = 2097152 [pid 6171] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6173] <... write resumed>) = 2097152 [pid 6171] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6172] <... write resumed>) = 2097152 [pid 6171] <... openat resumed>) = 4 [pid 6171] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6171] <... ioctl resumed>) = 0 [pid 6171] close(3) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, [pid 6171] mkdir("./file0", 0777 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./89/binderfs") = 0 [pid 5066] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6171] <... mkdir resumed>) = 0 [pid 6171] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6172] munmap(0x7fc0314e0000, 2097152 [pid 6173] munmap(0x7fc0314e0000, 2097152 [pid 6172] <... munmap resumed>) = 0 [pid 6173] <... munmap resumed>) = 0 [pid 6172] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6173] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6172] <... openat resumed>) = 4 [pid 6173] <... openat resumed>) = 4 [pid 6172] ioctl(4, LOOP_SET_FD, 3 [pid 6173] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6172] <... ioctl resumed>) = 0 [pid 6172] close(3) = 0 [ 252.086516][ T6171] loop5: detected capacity change from 0 to 4096 [ 252.114500][ T6171] NILFS (loop5): invalid segment: Checksum error in segment payload [ 252.129582][ T6172] loop3: detected capacity change from 0 to 4096 [pid 6172] mkdir("./file0", 0777 [pid 6173] close(3) = 0 [pid 6173] mkdir("./file0", 0777) = 0 [pid 6172] <... mkdir resumed>) = 0 [pid 6173] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 252.136808][ T6173] loop1: detected capacity change from 0 to 4096 [ 252.175435][ T6171] NILFS (loop5): trying rollback from an earlier position [ 252.190914][ T6172] NILFS (loop3): invalid segment: Checksum error in segment payload [ 252.201083][ T6173] NILFS (loop1): invalid segment: Checksum error in segment payload [ 252.213680][ T6172] NILFS (loop3): trying rollback from an earlier position [ 252.224046][ T6171] NILFS (loop5): recovery complete [ 252.230725][ T6173] NILFS (loop1): trying rollback from an earlier position [pid 6172] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6171] <... mount resumed>) = 0 [pid 6171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6171] chdir("./file0") = 0 [pid 6171] ioctl(4, LOOP_CLR_FD) = 0 [pid 6171] close(4) = 0 [pid 6171] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6171] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6171] ftruncate(5, 33587195) = 0 [pid 6171] sendfile(4, 5, NULL, 281474978811909 [pid 5066] <... umount2 resumed>) = 0 [ 252.251142][ T6174] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 252.321121][ T6172] NILFS (loop3): recovery complete [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [ 252.351231][ T6173] NILFS (loop1): recovery complete [pid 5066] rmdir("./89/file0") = 0 [pid 5066] getdents64(3, [pid 6173] <... mount resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6172] <... mount resumed>) = 0 [pid 5066] close(3 [pid 6173] chdir("./file0" [pid 6172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] <... close resumed>) = 0 [pid 6173] <... chdir resumed>) = 0 [pid 6172] <... openat resumed>) = 3 [pid 5066] rmdir("./89" [pid 6173] ioctl(4, LOOP_CLR_FD [pid 6172] chdir("./file0" [pid 6173] <... ioctl resumed>) = 0 [pid 6172] <... chdir resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6173] close(4 [pid 6172] ioctl(4, LOOP_CLR_FD [pid 5066] mkdir("./90", 0777 [pid 6173] <... close resumed>) = 0 [pid 6172] <... ioctl resumed>) = 0 [pid 6173] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6172] close(4 [pid 6173] <... open resumed>) = 4 [pid 6172] <... close resumed>) = 0 [pid 6173] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6172] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6173] <... open resumed>) = 5 [pid 6172] <... open resumed>) = 4 [pid 6173] ftruncate(5, 33587195 [pid 6172] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6173] <... ftruncate resumed>) = 0 [pid 6172] <... open resumed>) = 5 [pid 6173] sendfile(4, 5, NULL, 281474978811909 [pid 6172] ftruncate(5, 33587195) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 6172] sendfile(4, 5, NULL, 281474978811909 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [ 252.376953][ T6176] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 252.393155][ T6175] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6177 ./strace-static-x86_64: Process 6177 attached [pid 6177] chdir("./90") = 0 [pid 6177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6177] setpgid(0, 0) = 0 [pid 6177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6177] write(3, "1000", 4 [pid 6166] <... sendfile resumed>) = 1048576 [pid 6177] <... write resumed>) = 4 [pid 6166] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6177] close(3 [pid 6166] <... open resumed>) = -1 EFAULT (Bad address) [pid 6177] <... close resumed>) = 0 [pid 6177] symlink("/dev/binderfs", "./binderfs" [pid 6166] exit_group(0 [pid 6177] <... symlink resumed>) = 0 [pid 6166] <... exit_group resumed>) = ? [pid 6177] memfd_create("syzkaller", 0) = 3 [pid 6177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6166] +++ exited with 0 +++ [pid 6177] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6166, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=29 /* 0.29 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./90/binderfs") = 0 [pid 5068] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6177] <... write resumed>) = 2097152 [pid 6168] <... sendfile resumed>) = 1048576 [pid 6168] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6168] exit_group(0) = ? [pid 6168] +++ exited with 0 +++ [pid 6177] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6177] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6168, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 6177] <... openat resumed>) = 4 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6177] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... restart_syscall resumed>) = 0 [pid 6177] <... ioctl resumed>) = 0 [pid 6177] close(3 [pid 5068] <... umount2 resumed>) = 0 [pid 6177] <... close resumed>) = 0 [pid 6177] mkdir("./file0", 0777 [pid 5064] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6177] <... mkdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6177] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] getdents64(3, [pid 5068] lstat("./90/file0", [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [ 252.776104][ T6177] loop2: detected capacity change from 0 to 4096 [pid 5064] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./89/binderfs") = 0 [pid 5064] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./90/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./90") = 0 [pid 5068] mkdir("./91", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [ 252.816714][ T6177] NILFS (loop2): invalid segment: Checksum error in segment payload [ 252.826292][ T6177] NILFS (loop2): trying rollback from an earlier position [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6178 ./strace-static-x86_64: Process 6178 attached [pid 6178] chdir("./91") = 0 [pid 6178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6178] setpgid(0, 0) = 0 [pid 6178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6178] write(3, "1000", 4) = 4 [pid 6178] close(3) = 0 [pid 6178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6178] memfd_create("syzkaller", 0) = 3 [pid 6178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 252.938832][ T6177] NILFS (loop2): recovery complete [pid 6178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6177] <... mount resumed>) = 0 [pid 6177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6177] chdir("./file0") = 0 [pid 6177] ioctl(4, LOOP_CLR_FD) = 0 [pid 6177] close(4) = 0 [ 252.975871][ T6179] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6177] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... umount2 resumed>) = 0 [pid 6177] <... open resumed>) = 4 [pid 6177] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6177] ftruncate(5, 33587195) = 0 [pid 6177] sendfile(4, 5, NULL, 281474978811909 [pid 5064] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 6178] <... write resumed>) = 2097152 [pid 5064] rmdir("./89/file0" [pid 6178] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... rmdir resumed>) = 0 [pid 6178] <... munmap resumed>) = 0 [pid 5064] getdents64(3, [pid 6178] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6178] <... openat resumed>) = 4 [pid 5064] close(3 [pid 6178] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./89") = 0 [pid 5064] mkdir("./90", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6180 ./strace-static-x86_64: Process 6180 attached [pid 6180] chdir("./90" [pid 6178] <... ioctl resumed>) = 0 [pid 6180] <... chdir resumed>) = 0 [pid 6178] close(3 [pid 6180] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6178] <... close resumed>) = 0 [pid 6180] <... prctl resumed>) = 0 [pid 6178] mkdir("./file0", 0777 [pid 6180] setpgid(0, 0 [pid 6178] <... mkdir resumed>) = 0 [pid 6180] <... setpgid resumed>) = 0 [pid 6178] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6180] write(3, "1000", 4) = 4 [pid 6180] close(3) = 0 [ 253.124555][ T6178] loop4: detected capacity change from 0 to 4096 [pid 6180] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6180] memfd_create("syzkaller", 0) = 3 [pid 6180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 253.226791][ T6178] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [ 253.267955][ T6178] NILFS (loop4): trying rollback from an earlier position [ 253.307920][ T6178] NILFS (loop4): recovery complete [pid 6180] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6180] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6178] <... mount resumed>) = 0 [pid 6178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6180] close(3 [pid 6178] <... openat resumed>) = 3 [pid 6180] <... close resumed>) = 0 [pid 6178] chdir("./file0") = 0 [pid 6180] mkdir("./file0", 0777 [pid 6178] ioctl(4, LOOP_CLR_FD) = 0 [pid 6180] <... mkdir resumed>) = 0 [pid 6178] close(4 [pid 6180] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6178] <... close resumed>) = 0 [ 253.368525][ T6180] loop0: detected capacity change from 0 to 4096 [ 253.369326][ T6181] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6178] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6178] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6178] ftruncate(5, 33587195) = 0 [pid 6171] <... sendfile resumed>) = 1048576 [pid 6171] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6178] sendfile(4, 5, NULL, 281474978811909 [pid 6171] <... open resumed>) = -1 EFAULT (Bad address) [pid 6171] exit_group(0) = ? [pid 6171] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6171, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5069] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./91/binderfs") = 0 [pid 6173] <... sendfile resumed>) = 1048576 [pid 5069] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6173] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6173] exit_group(0) = ? [pid 6173] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6173, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 253.446650][ T6180] NILFS (loop0): invalid segment: Checksum error in segment payload [ 253.457166][ T6180] NILFS (loop0): trying rollback from an earlier position [ 253.486113][ T6180] NILFS (loop0): recovery complete [pid 5065] lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6180] <... mount resumed>) = 0 [pid 5065] unlink("./89/binderfs" [pid 6180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] <... unlink resumed>) = 0 [pid 6180] chdir("./file0" [pid 6172] <... sendfile resumed>) = 1048576 [pid 5065] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6180] <... chdir resumed>) = 0 [pid 6172] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6180] ioctl(4, LOOP_CLR_FD [pid 6172] <... open resumed>) = -1 EFAULT (Bad address) [pid 6180] <... ioctl resumed>) = 0 [pid 6172] exit_group(0 [pid 6180] close(4 [pid 6172] <... exit_group resumed>) = ? [pid 6180] <... close resumed>) = 0 [pid 6172] +++ exited with 0 +++ [pid 6180] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6172, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 6180] <... open resumed>) = 4 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 6180] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... restart_syscall resumed>) = 0 [pid 6180] <... open resumed>) = 5 [pid 6180] ftruncate(5, 33587195) = 0 [pid 5067] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW [ 253.516206][ T6182] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6180] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./91/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5067] lstat("./91/binderfs", [pid 5069] rmdir("./91" [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5067] unlink("./91/binderfs" [pid 5069] mkdir("./92", 0777) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5067] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6183 ./strace-static-x86_64: Process 6183 attached [pid 6183] chdir("./92") = 0 [pid 6183] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6183] setpgid(0, 0) = 0 [pid 6183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6183] write(3, "1000", 4) = 4 [pid 6183] close(3) = 0 [pid 6183] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6183] memfd_create("syzkaller", 0) = 3 [pid 6183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6183] <... write resumed>) = 2097152 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./89/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./89" [pid 6183] munmap(0x7fc0314e0000, 2097152 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./90", 0777 [pid 6183] <... munmap resumed>) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6183] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5067] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [pid 6183] <... openat resumed>) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6183] ioctl(4, LOOP_SET_FD, 3 [pid 5067] lstat("./91/file0", [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(3 [pid 5067] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6184 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 6183] <... ioctl resumed>) = 0 [pid 6183] close(3) = 0 [pid 5067] <... close resumed>) = 0 [pid 6183] mkdir("./file0", 0777 [pid 5067] rmdir("./91/file0" [pid 6183] <... mkdir resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [ 253.919885][ T6183] loop5: detected capacity change from 0 to 4096 [pid 6183] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6184 attached [pid 5067] getdents64(3, [pid 6184] chdir("./90" [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6184] <... chdir resumed>) = 0 [pid 5067] close(3 [pid 6184] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... close resumed>) = 0 [pid 6184] <... prctl resumed>) = 0 [pid 5067] rmdir("./91" [pid 6184] setpgid(0, 0 [pid 5067] <... rmdir resumed>) = 0 [pid 6184] <... setpgid resumed>) = 0 [pid 5067] mkdir("./92", 0777 [pid 6184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... mkdir resumed>) = 0 [pid 6184] <... openat resumed>) = 3 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6184] write(3, "1000", 4 [pid 5067] <... openat resumed>) = 3 [pid 6184] <... write resumed>) = 4 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6184] close(3 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6184] <... close resumed>) = 0 [pid 5067] close(3 [pid 6184] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... close resumed>) = 0 [pid 6184] <... symlink resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6184] memfd_create("syzkaller", 0) = 3 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6185 [pid 6184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 6185 attached [pid 6185] chdir("./92" [pid 6184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6185] <... chdir resumed>) = 0 [pid 6185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6185] setpgid(0, 0) = 0 [pid 6185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6185] write(3, "1000", 4) = 4 [pid 6185] close(3) = 0 [pid 6185] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6185] memfd_create("syzkaller", 0) = 3 [pid 6185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 254.015887][ T6183] NILFS (loop5): invalid segment: Checksum error in segment payload [ 254.026154][ T6183] NILFS (loop5): trying rollback from an earlier position [pid 6185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6183] <... mount resumed>) = 0 [pid 6183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6184] <... write resumed>) = 2097152 [pid 6183] chdir("./file0") = 0 [pid 6184] munmap(0x7fc0314e0000, 2097152 [pid 6183] ioctl(4, LOOP_CLR_FD [pid 6184] <... munmap resumed>) = 0 [ 254.127605][ T6183] NILFS (loop5): recovery complete [ 254.141700][ T6186] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6183] <... ioctl resumed>) = 0 [pid 6177] <... sendfile resumed>) = 1048576 [pid 6185] <... write resumed>) = 2097152 [pid 6184] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6183] close(4 [pid 6177] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6184] ioctl(4, LOOP_SET_FD, 3 [pid 6183] <... close resumed>) = 0 [pid 6177] <... open resumed>) = -1 EFAULT (Bad address) [pid 6183] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6177] exit_group(0) = ? [pid 6183] <... open resumed>) = 4 [pid 6184] <... ioctl resumed>) = 0 [pid 6184] close(3 [pid 6183] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6177] +++ exited with 0 +++ [pid 6183] <... open resumed>) = 5 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6177, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 6183] ftruncate(5, 33587195) = 0 [pid 6183] sendfile(4, 5, NULL, 281474978811909 [pid 5066] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6184] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 6184] mkdir("./file0", 0777 [pid 5066] fstat(3, [pid 6184] <... mkdir resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6184] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6185] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6185] <... munmap resumed>) = 0 [pid 5066] lstat("./90/binderfs", [pid 6185] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6185] <... openat resumed>) = 4 [ 254.222767][ T6184] loop1: detected capacity change from 0 to 4096 [pid 5066] unlink("./90/binderfs" [pid 6185] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6185] <... ioctl resumed>) = 0 [pid 6185] close(3) = 0 [pid 6185] mkdir("./file0", 0777) = 0 [ 254.274749][ T6184] NILFS (loop1): invalid segment: Checksum error in segment payload [ 254.286223][ T6185] loop3: detected capacity change from 0 to 4096 [ 254.352305][ T6184] NILFS (loop1): trying rollback from an earlier position [ 254.369161][ T6185] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6185] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6180] <... sendfile resumed>) = 1048576 [pid 6180] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6180] exit_group(0) = ? [pid 6178] <... sendfile resumed>) = 1048576 [pid 6178] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6180] +++ exited with 0 +++ [pid 6178] exit_group(0) = ? [pid 6178] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6180, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [ 254.401947][ T6185] NILFS (loop3): trying rollback from an earlier position [ 254.423030][ T6184] NILFS (loop1): recovery complete [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6184] <... mount resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6178, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5064] <... restart_syscall resumed>) = 0 [pid 6184] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6184] chdir("./file0" [pid 5068] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6184] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6184] ioctl(4, LOOP_CLR_FD [pid 5068] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6184] <... ioctl resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 6184] close(4 [pid 5068] fstat(3, [pid 5064] fstat(3, [pid 6184] <... close resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6184] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] getdents64(3, [pid 6184] <... open resumed>) = 4 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6184] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] getdents64(3, [pid 5064] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6184] <... open resumed>) = 5 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6184] ftruncate(5, 33587195 [pid 5068] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] lstat("./90/binderfs", [pid 6184] <... ftruncate resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6184] sendfile(4, 5, NULL, 281474978811909 [pid 5068] lstat("./91/binderfs", [pid 5064] unlink("./90/binderfs" [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5068] unlink("./91/binderfs" [ 254.462239][ T6185] NILFS (loop3): recovery complete [ 254.468096][ T6187] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6185] <... mount resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 6185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6185] <... openat resumed>) = 3 [pid 6185] chdir("./file0") = 0 [pid 6185] ioctl(4, LOOP_CLR_FD) = 0 [pid 6185] close(4) = 0 [pid 6185] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6185] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 254.515261][ T6188] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6185] ftruncate(5, 33587195) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 6185] sendfile(4, 5, NULL, 281474978811909 [pid 5066] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./90/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./90") = 0 [pid 5066] mkdir("./91", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6189 ./strace-static-x86_64: Process 6189 attached [pid 6189] chdir("./91") = 0 [pid 6189] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6189] setpgid(0, 0) = 0 [pid 6189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6189] write(3, "1000", 4) = 4 [pid 6189] close(3) = 0 [pid 6189] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6189] memfd_create("syzkaller", 0) = 3 [pid 6189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = 0 [pid 6189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] <... openat resumed>) = 4 [pid 5068] fstat(4, [pid 5064] fstat(4, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5064] getdents64(4, [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] <... close resumed>) = 0 [pid 5064] getdents64(4, [pid 5068] rmdir("./91/file0" [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6189] <... write resumed>) = 2097152 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] close(4 [pid 6189] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... close resumed>) = 0 [pid 6189] <... munmap resumed>) = 0 [pid 5064] rmdir("./90/file0" [pid 6189] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... rmdir resumed>) = 0 [pid 6189] <... openat resumed>) = 4 [pid 5064] getdents64(3, [pid 6189] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(3, [pid 5064] close(3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... close resumed>) = 0 [pid 5068] close(3 [pid 5064] rmdir("./90" [pid 5068] <... close resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] rmdir("./91" [pid 5064] mkdir("./91", 0777 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 6189] <... ioctl resumed>) = 0 [pid 5068] mkdir("./92", 0777 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5068] <... mkdir resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6189] close(3 [pid 5068] <... openat resumed>) = 3 [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6190 [pid 6189] <... close resumed>) = 0 [pid 6189] mkdir("./file0", 0777) = 0 [pid 6189] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6191 ./strace-static-x86_64: Process 6191 attached ./strace-static-x86_64: Process 6190 attached [pid 6191] chdir("./92" [pid 6190] chdir("./91") = 0 [pid 6190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6190] setpgid(0, 0) = 0 [pid 6190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 254.830319][ T6189] loop2: detected capacity change from 0 to 4096 [pid 6191] <... chdir resumed>) = 0 [pid 6190] write(3, "1000", 4) = 4 [pid 6190] close(3) = 0 [pid 6190] symlink("/dev/binderfs", "./binderfs" [pid 6191] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6190] <... symlink resumed>) = 0 [pid 6191] <... prctl resumed>) = 0 [pid 6191] setpgid(0, 0) = 0 [pid 6190] memfd_create("syzkaller", 0) = 3 [pid 6190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6191] write(3, "1000", 4) = 4 [pid 6191] close(3) = 0 [pid 6191] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6191] memfd_create("syzkaller", 0) = 3 [ 254.868209][ T6189] NILFS (loop2): invalid segment: Checksum error in segment payload [ 254.916750][ T6189] NILFS (loop2): trying rollback from an earlier position [pid 6191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 254.997252][ T6189] NILFS (loop2): recovery complete [pid 6190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6190] <... write resumed>) = 2097152 [pid 6189] <... mount resumed>) = 0 [pid 6189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6189] chdir("./file0") = 0 [pid 6189] ioctl(4, LOOP_CLR_FD) = 0 [pid 6189] close(4) = 0 [pid 6189] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6189] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6190] munmap(0x7fc0314e0000, 2097152 [pid 6189] <... open resumed>) = 5 [pid 6190] <... munmap resumed>) = 0 [pid 6189] ftruncate(5, 33587195 [pid 6190] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6189] <... ftruncate resumed>) = 0 [pid 6189] sendfile(4, 5, NULL, 281474978811909 [pid 6190] <... openat resumed>) = 4 [ 255.022343][ T6192] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6190] ioctl(4, LOOP_SET_FD, 3 [pid 6191] <... write resumed>) = 2097152 [pid 6190] <... ioctl resumed>) = 0 [pid 6191] munmap(0x7fc0314e0000, 2097152 [pid 6190] close(3 [pid 6191] <... munmap resumed>) = 0 [pid 6190] <... close resumed>) = 0 [pid 6191] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6190] mkdir("./file0", 0777 [pid 6191] <... openat resumed>) = 4 [pid 6190] <... mkdir resumed>) = 0 [ 255.090677][ T6190] loop0: detected capacity change from 0 to 4096 [pid 6191] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6190] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6191] close(3) = 0 [pid 6191] mkdir("./file0", 0777) = 0 [ 255.135431][ T6191] loop4: detected capacity change from 0 to 4096 [ 255.177297][ T6190] NILFS (loop0): invalid segment: Checksum error in segment payload [ 255.201224][ T6190] NILFS (loop0): trying rollback from an earlier position [ 255.216916][ T6191] NILFS (loop4): invalid segment: Checksum error in segment payload [ 255.235873][ T6190] NILFS (loop0): recovery complete [ 255.255230][ T6191] NILFS (loop4): trying rollback from an earlier position [pid 6191] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6190] <... mount resumed>) = 0 [pid 6190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6190] chdir("./file0") = 0 [pid 6190] ioctl(4, LOOP_CLR_FD) = 0 [pid 6190] close(4) = 0 [pid 6190] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6190] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6190] ftruncate(5, 33587195) = 0 [pid 6190] sendfile(4, 5, NULL, 281474978811909 [pid 6183] <... sendfile resumed>) = 1048576 [ 255.287844][ T6193] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6183] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6183] exit_group(0) = ? [pid 6183] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6183, si_uid=0, si_status=0, si_utime=0, si_stime=32 /* 0.32 s */} --- [pid 5069] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./92/binderfs") = 0 [ 255.432593][ T6191] NILFS (loop4): recovery complete [pid 5069] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6191] <... mount resumed>) = 0 [pid 6191] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6191] chdir("./file0") = 0 [pid 6191] ioctl(4, LOOP_CLR_FD) = 0 [pid 6191] close(4) = 0 [pid 6191] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6191] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6191] ftruncate(5, 33587195) = 0 [ 255.472871][ T6194] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6191] sendfile(4, 5, NULL, 281474978811909 [pid 6184] <... sendfile resumed>) = 1048576 [pid 6184] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6184] exit_group(0) = ? [pid 6184] +++ exited with 0 +++ [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6184, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 4 [pid 5065] fstat(3, [pid 5069] fstat(4, [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, [pid 5069] getdents64(4, [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] lstat("./90/binderfs", [pid 5069] close(4 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... close resumed>) = 0 [pid 5065] unlink("./90/binderfs" [pid 5069] rmdir("./92/file0" [pid 5065] <... unlink resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5065] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./92") = 0 [pid 5069] mkdir("./93", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6195 ./strace-static-x86_64: Process 6195 attached [pid 6195] chdir("./93") = 0 [pid 6195] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6195] setpgid(0, 0) = 0 [pid 6195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6195] write(3, "1000", 4) = 4 [pid 6195] close(3) = 0 [pid 6195] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6195] memfd_create("syzkaller", 0) = 3 [pid 6195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = 0 [pid 6185] <... sendfile resumed>) = 1048576 [pid 6195] <... write resumed>) = 2097152 [pid 6185] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6195] munmap(0x7fc0314e0000, 2097152 [pid 6185] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6195] <... munmap resumed>) = 0 [pid 6185] exit_group(0 [pid 5065] lstat("./90/file0", [pid 6195] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6185] <... exit_group resumed>) = ? [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6195] <... openat resumed>) = 4 [pid 6185] +++ exited with 0 +++ [pid 5065] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6195] ioctl(4, LOOP_SET_FD, 3 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6185, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6195] <... ioctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6195] close(3) = 0 [pid 5065] <... openat resumed>) = 4 [pid 6195] mkdir("./file0", 0777 [pid 5065] fstat(4, [pid 5067] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6195] <... mkdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(4, [pid 6195] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] <... openat resumed>) = 3 [pid 5065] getdents64(4, [pid 5067] fstat(3, [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(4 [pid 5067] getdents64(3, [pid 5065] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] rmdir("./90/file0" [pid 5067] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, [pid 5067] lstat("./92/binderfs", [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] close(3 [pid 5067] unlink("./92/binderfs" [pid 5065] <... close resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5065] rmdir("./90" [ 255.907091][ T6195] loop5: detected capacity change from 0 to 4096 [pid 5067] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./91", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6196 ./strace-static-x86_64: Process 6196 attached [pid 6196] chdir("./91") = 0 [pid 6196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 255.970357][ T6195] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 6196] setpgid(0, 0) = 0 [pid 6196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6196] write(3, "1000", 4) = 4 [pid 6196] close(3) = 0 [pid 6196] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6196] memfd_create("syzkaller", 0) = 3 [pid 6189] <... sendfile resumed>) = 1048576 [pid 6196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6189] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6196] <... mmap resumed>) = 0x7fc0314e0000 [pid 6189] <... open resumed>) = -1 EFAULT (Bad address) [pid 6189] exit_group(0) = ? [pid 6189] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6189, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6195] <... mount resumed>) = 0 [ 256.025624][ T6195] NILFS (loop5): trying rollback from an earlier position [ 256.063481][ T6195] NILFS (loop5): recovery complete [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] getdents64(3, [pid 6195] <... openat resumed>) = 3 [pid 6195] chdir("./file0" [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6195] <... chdir resumed>) = 0 [pid 5066] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6195] ioctl(4, LOOP_CLR_FD [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6195] <... ioctl resumed>) = 0 [pid 5066] lstat("./91/binderfs", [pid 6195] close(4) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6195] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] unlink("./91/binderfs") = 0 [pid 6195] <... open resumed>) = 4 [pid 5066] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6195] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 256.087473][ T6197] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6195] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = 0 [pid 6195] <... ftruncate resumed>) = 0 [pid 5067] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6195] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./92/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./92") = 0 [pid 5067] mkdir("./93", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6196] <... write resumed>) = 2097152 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6196] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6196] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6196] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6198 attached [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6198 [pid 6198] chdir("./93") = 0 [pid 6198] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6198] setpgid(0, 0) = 0 [pid 6196] <... ioctl resumed>) = 0 [pid 6196] close(3) = 0 [pid 6196] mkdir("./file0", 0777) = 0 [pid 6196] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6198] write(3, "1000", 4) = 4 [pid 6198] close(3) = 0 [pid 6198] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6198] memfd_create("syzkaller", 0) = 3 [pid 6198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 256.271174][ T6196] loop1: detected capacity change from 0 to 4096 [pid 5066] <... umount2 resumed>) = 0 [pid 6198] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 256.366978][ T6196] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5066] fstat(4, [pid 6198] <... write resumed>) = 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./91/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./91") = 0 [pid 5066] mkdir("./92", 0777 [pid 6190] <... sendfile resumed>) = 1048576 [pid 6190] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... mkdir resumed>) = 0 [pid 6190] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6190] exit_group(0) = ? [pid 5066] <... openat resumed>) = 3 [pid 6198] munmap(0x7fc0314e0000, 2097152 [pid 6190] +++ exited with 0 +++ [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6190, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6198] <... munmap resumed>) = 0 [pid 5066] close(3 [ 256.415079][ T6196] NILFS (loop1): trying rollback from an earlier position [pid 5064] <... restart_syscall resumed>) = 0 [pid 6198] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... close resumed>) = 0 [pid 6198] <... openat resumed>) = 4 [pid 6198] ioctl(4, LOOP_SET_FD, 3 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./91/binderfs"./strace-static-x86_64: Process 6199 attached [pid 6198] <... ioctl resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6199 [pid 5064] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6198] close(3 [pid 6199] chdir("./92" [pid 6198] <... close resumed>) = 0 [pid 6199] <... chdir resumed>) = 0 [pid 6198] mkdir("./file0", 0777 [pid 6199] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6198] <... mkdir resumed>) = 0 [pid 6196] <... mount resumed>) = 0 [pid 6199] <... prctl resumed>) = 0 [pid 6198] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 256.504087][ T6196] NILFS (loop1): recovery complete [ 256.512563][ T6198] loop3: detected capacity change from 0 to 4096 [ 256.535991][ T6200] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6199] setpgid(0, 0 [pid 6196] <... openat resumed>) = 3 [pid 6199] <... setpgid resumed>) = 0 [pid 6199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6196] chdir("./file0" [pid 6199] <... openat resumed>) = 3 [pid 6199] write(3, "1000", 4 [pid 6196] <... chdir resumed>) = 0 [pid 6199] <... write resumed>) = 4 [pid 6196] ioctl(4, LOOP_CLR_FD [pid 6199] close(3 [pid 6196] <... ioctl resumed>) = 0 [pid 6199] <... close resumed>) = 0 [pid 6196] close(4 [pid 6199] symlink("/dev/binderfs", "./binderfs" [pid 6196] <... close resumed>) = 0 [pid 6199] <... symlink resumed>) = 0 [pid 6199] memfd_create("syzkaller", 0) = 3 [pid 6199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6196] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 256.557997][ T6198] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6196] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6196] ftruncate(5, 33587195) = 0 [pid 6196] sendfile(4, 5, NULL, 281474978811909 [ 256.599800][ T6198] NILFS (loop3): trying rollback from an earlier position [pid 6199] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6199] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6191] <... sendfile resumed>) = 1048576 [pid 6199] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6191] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6199] <... openat resumed>) = 4 [pid 6191] <... open resumed>) = -1 EFAULT (Bad address) [ 256.701061][ T6198] NILFS (loop3): recovery complete [pid 6199] ioctl(4, LOOP_SET_FD, 3 [pid 6191] exit_group(0 [pid 6199] <... ioctl resumed>) = 0 [pid 6191] <... exit_group resumed>) = ? [pid 6198] <... mount resumed>) = 0 [pid 6191] +++ exited with 0 +++ [pid 6199] close(3 [pid 6198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6191, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6199] <... close resumed>) = 0 [pid 6199] mkdir("./file0", 0777 [pid 6198] <... openat resumed>) = 3 [pid 6198] chdir("./file0") = 0 [pid 6199] <... mkdir resumed>) = 0 [pid 6198] ioctl(4, LOOP_CLR_FD [pid 6199] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6198] <... ioctl resumed>) = 0 [pid 6198] close(4 [pid 5068] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6198] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6198] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6198] <... open resumed>) = 4 [pid 5068] <... openat resumed>) = 3 [pid 6198] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] fstat(3, [pid 6198] <... open resumed>) = 5 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6198] ftruncate(5, 33587195 [pid 5068] getdents64(3, [pid 6198] <... ftruncate resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6198] sendfile(4, 5, NULL, 281474978811909 [pid 5068] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./92/binderfs") = 0 [pid 5068] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [ 256.725090][ T6199] loop2: detected capacity change from 0 to 4096 [ 256.746049][ T6201] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./91/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./91") = 0 [pid 5064] mkdir("./92", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6202 ./strace-static-x86_64: Process 6202 attached [pid 6202] chdir("./92") = 0 [pid 6202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6202] setpgid(0, 0) = 0 [pid 6202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6202] write(3, "1000", 4) = 4 [ 256.826543][ T6199] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6202] close(3) = 0 [pid 6202] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6202] memfd_create("syzkaller", 0) = 3 [pid 6202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 256.867558][ T6199] NILFS (loop2): trying rollback from an earlier position [ 256.937412][ T6199] NILFS (loop2): recovery complete [pid 6202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6199] <... mount resumed>) = 0 [pid 6199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6199] chdir("./file0") = 0 [pid 6199] ioctl(4, LOOP_CLR_FD) = 0 [pid 6199] close(4) = 0 [pid 6199] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6199] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6199] ftruncate(5, 33587195) = 0 [ 256.959502][ T6203] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6199] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6202] <... write resumed>) = 2097152 [pid 6202] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6202] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] lstat("./92/file0", [pid 6202] <... openat resumed>) = 4 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6202] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5068] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./92/file0") = 0 [pid 6202] close(3 [pid 5068] getdents64(3, [pid 6202] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6202] mkdir("./file0", 0777) = 0 [pid 5068] close(3 [pid 6202] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./92") = 0 [pid 6195] <... sendfile resumed>) = 1048576 [pid 5068] mkdir("./93", 0777 [pid 6195] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5068] <... mkdir resumed>) = 0 [pid 6195] exit_group(0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6195] <... exit_group resumed>) = ? [pid 5068] <... openat resumed>) = 3 [pid 6195] +++ exited with 0 +++ [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6195, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 257.117267][ T6202] loop0: detected capacity change from 0 to 4096 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6204 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6204 attached [pid 5069] lstat("./93/binderfs", [pid 6204] chdir("./93" [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6204] <... chdir resumed>) = 0 [pid 5069] unlink("./93/binderfs" [pid 6204] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... unlink resumed>) = 0 [pid 6204] <... prctl resumed>) = 0 [pid 5069] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6204] setpgid(0, 0) = 0 [pid 6204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6204] write(3, "1000", 4) = 4 [pid 6204] close(3) = 0 [pid 6204] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6204] memfd_create("syzkaller", 0) = 3 [pid 6204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 257.227623][ T6202] NILFS (loop0): invalid segment: Checksum error in segment payload [ 257.238474][ T6202] NILFS (loop0): trying rollback from an earlier position [pid 6204] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6202] <... mount resumed>) = 0 [pid 6202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6202] chdir("./file0") = 0 [pid 6202] ioctl(4, LOOP_CLR_FD) = 0 [pid 6202] close(4) = 0 [pid 6202] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6202] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6204] munmap(0x7fc0314e0000, 2097152 [pid 6202] <... open resumed>) = 5 [pid 6202] ftruncate(5, 33587195 [pid 6204] <... munmap resumed>) = 0 [pid 6202] <... ftruncate resumed>) = 0 [pid 6202] sendfile(4, 5, NULL, 281474978811909 [pid 6204] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 257.307816][ T6202] NILFS (loop0): recovery complete [ 257.345936][ T6205] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6204] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6204] close(3) = 0 [pid 6204] mkdir("./file0", 0777) = 0 [pid 6204] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 257.394978][ T6204] loop4: detected capacity change from 0 to 4096 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./93/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./93") = 0 [pid 5069] mkdir("./94", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6206 [ 257.477971][ T6204] NILFS (loop4): invalid segment: Checksum error in segment payload [ 257.497182][ T6204] NILFS (loop4): trying rollback from an earlier position ./strace-static-x86_64: Process 6206 attached [pid 6206] chdir("./94") = 0 [pid 6206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6206] setpgid(0, 0) = 0 [pid 6206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6206] write(3, "1000", 4) = 4 [ 257.579750][ T6204] NILFS (loop4): recovery complete [pid 6206] close(3 [pid 6204] <... mount resumed>) = 0 [pid 6206] <... close resumed>) = 0 [pid 6206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6204] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6206] memfd_create("syzkaller", 0) = 3 [pid 6206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6204] <... openat resumed>) = 3 [pid 6204] chdir("./file0") = 0 [pid 6204] ioctl(4, LOOP_CLR_FD) = 0 [ 257.613564][ T6207] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6204] close(4) = 0 [pid 6204] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6204] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6204] ftruncate(5, 33587195) = 0 [pid 6204] sendfile(4, 5, NULL, 281474978811909 [pid 6206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6196] <... sendfile resumed>) = 1048576 [pid 6196] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6196] exit_group(0) = ? [pid 6196] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6196, si_uid=0, si_status=0, si_utime=0, si_stime=32 /* 0.32 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6198] <... sendfile resumed>) = 1048576 [pid 5065] <... openat resumed>) = 3 [pid 6198] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] fstat(3, [pid 6206] <... write resumed>) = 2097152 [pid 6198] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6198] exit_group(0 [pid 5065] getdents64(3, [pid 6198] <... exit_group resumed>) = ? [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6198] +++ exited with 0 +++ [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6206] munmap(0x7fc0314e0000, 2097152 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6198, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] lstat("./91/binderfs", [pid 6206] <... munmap resumed>) = 0 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6206] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5067] <... restart_syscall resumed>) = 0 [pid 5065] unlink("./91/binderfs" [pid 6206] <... openat resumed>) = 4 [pid 5065] <... unlink resumed>) = 0 [pid 6206] ioctl(4, LOOP_SET_FD, 3 [pid 5065] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./93/binderfs") = 0 [pid 5067] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6206] <... ioctl resumed>) = 0 [pid 6206] close(3) = 0 [pid 6206] mkdir("./file0", 0777) = 0 [ 257.833808][ T6206] loop5: detected capacity change from 0 to 4096 [ 257.893344][ T6206] NILFS (loop5): invalid segment: Checksum error in segment payload [ 257.928723][ T6206] NILFS (loop5): trying rollback from an earlier position [ 257.978498][ T6206] NILFS (loop5): recovery complete [pid 6206] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0 [pid 6206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6206] chdir("./file0") = 0 [pid 6206] ioctl(4, LOOP_CLR_FD) = 0 [pid 6206] close(4) = 0 [pid 6206] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6206] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6206] ftruncate(5, 33587195) = 0 [ 258.014227][ T6208] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6206] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./91/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./91") = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] mkdir("./92", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6209 [pid 5067] lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 6209 attached [pid 6199] <... sendfile resumed>) = 1048576 [pid 6209] chdir("./92" [pid 6199] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6209] <... chdir resumed>) = 0 [pid 6199] <... open resumed>) = -1 EFAULT (Bad address) [pid 6209] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6199] exit_group(0 [pid 6209] <... prctl resumed>) = 0 [pid 6199] <... exit_group resumed>) = ? [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6209] setpgid(0, 0 [pid 6199] +++ exited with 0 +++ [pid 6209] <... setpgid resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6199, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 6209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6209] write(3, "1000", 4) = 4 [pid 6209] close(3) = 0 [pid 6209] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5067] <... openat resumed>) = 4 [pid 6209] memfd_create("syzkaller", 0 [pid 5067] fstat(4, [pid 6209] <... memfd_create resumed>) = 3 [pid 6209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6209] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] getdents64(4, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] getdents64(4, [pid 5066] <... openat resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] fstat(3, [pid 5067] close(4 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./93/file0") = 0 [pid 5066] getdents64(3, [pid 5067] getdents64(3, [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./93" [pid 5066] lstat("./92/binderfs", [pid 5067] <... rmdir resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] mkdir("./94", 0777 [pid 5066] unlink("./92/binderfs") = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5066] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6209] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6209] <... write resumed>) = 2097152 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6210 ./strace-static-x86_64: Process 6210 attached [pid 6210] chdir("./94") = 0 [pid 6210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6210] setpgid(0, 0) = 0 [pid 6210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6210] write(3, "1000", 4) = 4 [pid 6210] close(3) = 0 [pid 6210] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6210] memfd_create("syzkaller", 0) = 3 [pid 6210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6209] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6209] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6209] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6209] close(3) = 0 [pid 6209] mkdir("./file0", 0777) = 0 [ 258.341045][ T6209] loop1: detected capacity change from 0 to 4096 [pid 6209] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6202] <... sendfile resumed>) = 1048576 [pid 6202] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6202] exit_group(0) = ? [pid 6202] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6202, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5064] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./92/binderfs") = 0 [pid 5064] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 258.409962][ T6209] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 6210] <... write resumed>) = 2097152 [pid 5066] rmdir("./92/file0" [pid 6210] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 6210] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./92" [pid 6210] <... openat resumed>) = 4 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] mkdir("./93", 0777 [pid 6210] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... mkdir resumed>) = 0 [pid 6209] <... mount resumed>) = 0 [ 258.455238][ T6209] NILFS (loop1): trying rollback from an earlier position [ 258.489589][ T6209] NILFS (loop1): recovery complete [pid 6209] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6209] chdir("./file0") = 0 [pid 6209] ioctl(4, LOOP_CLR_FD) = 0 [pid 6209] close(4) = 0 [pid 6209] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6209] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6209] ftruncate(5, 33587195) = 0 [pid 5066] <... openat resumed>) = 3 [pid 6209] sendfile(4, 5, NULL, 281474978811909 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6212 [pid 6210] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6212 attached [pid 6212] chdir("./93" [pid 6210] close(3 [pid 6212] <... chdir resumed>) = 0 [pid 6210] <... close resumed>) = 0 [pid 6212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6212] setpgid(0, 0 [pid 6210] mkdir("./file0", 0777 [pid 6212] <... setpgid resumed>) = 0 [pid 6210] <... mkdir resumed>) = 0 [ 258.530227][ T6210] loop3: detected capacity change from 0 to 4096 [ 258.538793][ T6211] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6210] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6212] <... openat resumed>) = 3 [pid 6212] write(3, "1000", 4) = 4 [pid 6212] close(3) = 0 [pid 6212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6212] memfd_create("syzkaller", 0) = 3 [pid 6212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... umount2 resumed>) = 0 [pid 6212] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 258.628969][ T6210] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./92/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./92") = 0 [pid 5064] mkdir("./93", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 258.676842][ T6210] NILFS (loop3): trying rollback from an earlier position [pid 6212] <... write resumed>) = 2097152 [pid 5064] close(3 [pid 6212] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... close resumed>) = 0 [pid 6212] <... munmap resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6212] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6212] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6213 [ 258.750390][ T6210] NILFS (loop3): recovery complete ./strace-static-x86_64: Process 6213 attached [pid 6212] <... ioctl resumed>) = 0 [pid 6204] <... sendfile resumed>) = 1048576 [pid 6210] <... mount resumed>) = 0 [pid 6204] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6204] <... open resumed>) = -1 EFAULT (Bad address) [pid 6210] <... openat resumed>) = 3 [pid 6204] exit_group(0 [pid 6210] chdir("./file0" [pid 6204] <... exit_group resumed>) = ? [pid 6213] chdir("./93" [pid 6212] close(3 [pid 6210] <... chdir resumed>) = 0 [pid 6204] +++ exited with 0 +++ [pid 6213] <... chdir resumed>) = 0 [pid 6212] <... close resumed>) = 0 [pid 6213] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6212] mkdir("./file0", 0777 [pid 6210] ioctl(4, LOOP_CLR_FD [pid 6213] <... prctl resumed>) = 0 [pid 6212] <... mkdir resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6204, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 6213] setpgid(0, 0 [pid 6212] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6210] <... ioctl resumed>) = 0 [pid 6213] <... setpgid resumed>) = 0 [ 258.770787][ T6212] loop2: detected capacity change from 0 to 4096 [ 258.805670][ T6214] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6210] close(4 [pid 5068] <... restart_syscall resumed>) = 0 [pid 6213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6210] <... close resumed>) = 0 [pid 6213] write(3, "1000", 4) = 4 [pid 6210] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6213] close(3) = 0 [pid 6213] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5068] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6213] memfd_create("syzkaller", 0 [pid 6210] <... open resumed>) = 4 [pid 6213] <... memfd_create resumed>) = 3 [pid 6213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6213] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6210] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6210] <... open resumed>) = 5 [pid 5068] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6210] ftruncate(5, 33587195 [pid 5068] <... openat resumed>) = 3 [pid 6210] <... ftruncate resumed>) = 0 [pid 6210] sendfile(4, 5, NULL, 281474978811909 [ 258.839535][ T6212] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./93/binderfs") = 0 [ 258.894024][ T6212] NILFS (loop2): trying rollback from an earlier position [pid 5068] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6213] <... write resumed>) = 2097152 [pid 6213] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6213] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 258.984200][ T6212] NILFS (loop2): recovery complete [pid 6213] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6213] close(3) = 0 [pid 6213] mkdir("./file0", 0777) = 0 [pid 6212] <... mount resumed>) = 0 [pid 6212] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6213] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6212] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = 0 [pid 6212] chdir("./file0") = 0 [pid 6212] ioctl(4, LOOP_CLR_FD) = 0 [pid 6212] close(4) = 0 [ 259.020773][ T6213] loop0: detected capacity change from 0 to 4096 [ 259.037089][ T6215] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6212] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6206] <... sendfile resumed>) = 1048576 [pid 6212] <... open resumed>) = 4 [pid 6206] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6212] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6206] <... open resumed>) = -1 EFAULT (Bad address) [pid 6212] <... open resumed>) = 5 [pid 6206] exit_group(0 [pid 6212] ftruncate(5, 33587195 [pid 6206] <... exit_group resumed>) = ? [pid 6212] <... ftruncate resumed>) = 0 [pid 6206] +++ exited with 0 +++ [pid 6212] sendfile(4, 5, NULL, 281474978811909 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6206, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5068] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./93/file0", [pid 5069] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] fstat(3, [pid 5068] <... openat resumed>) = 4 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] fstat(4, [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] lstat("./94/binderfs", [ 259.113883][ T6213] NILFS (loop0): invalid segment: Checksum error in segment payload [ 259.126787][ T6213] NILFS (loop0): trying rollback from an earlier position [pid 5068] getdents64(4, [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] unlink("./94/binderfs" [pid 5068] close(4 [pid 5069] <... unlink resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5069] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./93/file0") = 0 [ 259.178994][ T6213] NILFS (loop0): recovery complete [pid 5068] getdents64(3, [pid 6213] <... mount resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6213] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] close(3) = 0 [pid 6213] <... openat resumed>) = 3 [pid 5068] rmdir("./93") = 0 [pid 6213] chdir("./file0" [pid 5068] mkdir("./94", 0777 [pid 6213] <... chdir resumed>) = 0 [pid 6213] ioctl(4, LOOP_CLR_FD [pid 5068] <... mkdir resumed>) = 0 [pid 6213] <... ioctl resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6213] close(4 [pid 5068] <... openat resumed>) = 3 [pid 6213] <... close resumed>) = 0 [pid 6213] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6213] <... open resumed>) = 4 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6213] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] close(3 [pid 6213] <... open resumed>) = 5 [pid 5068] <... close resumed>) = 0 [pid 6213] ftruncate(5, 33587195 [ 259.226185][ T6216] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6213] <... ftruncate resumed>) = 0 [pid 6213] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6217 ./strace-static-x86_64: Process 6217 attached [pid 6217] chdir("./94") = 0 [pid 6217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6217] setpgid(0, 0) = 0 [pid 6217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6217] write(3, "1000", 4) = 4 [pid 6217] close(3) = 0 [pid 6217] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6217] memfd_create("syzkaller", 0) = 3 [pid 6217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./94/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./94") = 0 [pid 5069] mkdir("./95", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6217] <... write resumed>) = 2097152 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6218 [pid 6217] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6217] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 6218 attached ) = 4 [pid 6218] chdir("./95" [pid 6217] ioctl(4, LOOP_SET_FD, 3 [pid 6218] <... chdir resumed>) = 0 [pid 6217] <... ioctl resumed>) = 0 [pid 6218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6218] setpgid(0, 0) = 0 [pid 6218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6218] write(3, "1000", 4) = 4 [pid 6218] close(3) = 0 [pid 6218] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6218] memfd_create("syzkaller", 0) = 3 [pid 6218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6217] close(3) = 0 [pid 6217] mkdir("./file0", 0777) = 0 [ 259.555985][ T6217] loop4: detected capacity change from 0 to 4096 [pid 6217] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 259.635806][ T6217] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6218] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6218] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6218] ioctl(4, LOOP_SET_FD, 3 [pid 6209] <... sendfile resumed>) = 1048576 [ 259.685014][ T6217] NILFS (loop4): trying rollback from an earlier position [pid 6209] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6209] exit_group(0) = ? [pid 6218] <... ioctl resumed>) = 0 [pid 6209] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6209, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6218] close(3 [pid 5065] getdents64(3, [pid 6218] <... close resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6218] mkdir("./file0", 0777 [pid 5065] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6218] <... mkdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6218] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./92/binderfs") = 0 [ 259.739788][ T6218] loop5: detected capacity change from 0 to 4096 [ 259.761369][ T6217] NILFS (loop4): recovery complete [pid 5065] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6217] <... mount resumed>) = 0 [pid 6217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6217] chdir("./file0") = 0 [pid 6217] ioctl(4, LOOP_CLR_FD) = 0 [pid 6217] close(4) = 0 [pid 6217] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6217] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6217] ftruncate(5, 33587195) = 0 [ 259.800158][ T6219] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 259.815350][ T6218] NILFS (loop5): invalid segment: Checksum error in segment payload [ 259.828988][ T6218] NILFS (loop5): trying rollback from an earlier position [pid 6217] sendfile(4, 5, NULL, 281474978811909 [pid 6210] <... sendfile resumed>) = 1048576 [pid 6210] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6210] exit_group(0) = ? [pid 6210] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6210, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5067] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 259.900492][ T6218] NILFS (loop5): recovery complete [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6218] <... mount resumed>) = 0 [pid 5067] unlink("./94/binderfs" [pid 6218] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... unlink resumed>) = 0 [pid 6218] <... openat resumed>) = 3 [pid 5067] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6218] chdir("./file0") = 0 [pid 6218] ioctl(4, LOOP_CLR_FD) = 0 [pid 6218] close(4) = 0 [pid 6218] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6218] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6218] ftruncate(5, 33587195) = 0 [ 259.965411][ T6220] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6218] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./92/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./92") = 0 [pid 5065] mkdir("./93", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 6212] <... sendfile resumed>) = 1048576 [pid 5067] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6212] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6212] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] lstat("./94/file0", [pid 5065] close(3 [pid 6212] exit_group(0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... close resumed>) = 0 [pid 6212] <... exit_group resumed>) = ? [pid 5067] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6212] +++ exited with 0 +++ [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6212, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6221 [pid 5067] <... openat resumed>) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5066] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... close resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] rmdir("./94/file0" [pid 5066] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... rmdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5067] getdents64(3, [pid 5066] fstat(3, [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] close(3 [pid 5066] getdents64(3, [pid 5067] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] rmdir("./94" [pid 5066] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... rmdir resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] mkdir("./95", 0777 [pid 5066] lstat("./93/binderfs", [pid 5067] <... mkdir resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] unlink("./93/binderfs" [pid 5067] <... openat resumed>) = 3 [pid 5066] <... unlink resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5066] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] close(3./strace-static-x86_64: Process 6221 attached ) = 0 [pid 6221] chdir("./93") = 0 [pid 6221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6221] setpgid(0, 0) = 0 [pid 6221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6221] <... openat resumed>) = 3 [pid 6221] write(3, "1000", 4) = 4 [pid 6221] close(3) = 0 [pid 6221] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6221] memfd_create("syzkaller", 0) = 3 [pid 6221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6222 attached ) = 0x7fc0314e0000 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6222 [pid 6222] chdir("./95") = 0 [pid 6222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6222] setpgid(0, 0) = 0 [pid 6222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6222] write(3, "1000", 4) = 4 [pid 6222] close(3) = 0 [pid 6222] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6222] memfd_create("syzkaller", 0) = 3 [pid 6222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6221] <... write resumed>) = 2097152 [pid 6222] <... write resumed>) = 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 6221] munmap(0x7fc0314e0000, 2097152 [pid 5066] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6221] <... munmap resumed>) = 0 [pid 6221] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6221] ioctl(4, LOOP_SET_FD, 3 [pid 6213] <... sendfile resumed>) = 1048576 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6213] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] lstat("./93/file0", [pid 6213] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6222] munmap(0x7fc0314e0000, 2097152 [pid 6221] <... ioctl resumed>) = 0 [pid 6213] exit_group(0 [pid 5066] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6222] <... munmap resumed>) = 0 [pid 6221] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6222] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6221] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6222] <... openat resumed>) = 4 [pid 6221] mkdir("./file0", 0777 [pid 5066] <... openat resumed>) = 4 [pid 6222] ioctl(4, LOOP_SET_FD, 3 [pid 6221] <... mkdir resumed>) = 0 [pid 5066] fstat(4, [pid 6221] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6213] <... exit_group resumed>) = ? [pid 5066] getdents64(4, [pid 6222] <... ioctl resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6222] close(3 [pid 5066] getdents64(4, [pid 6222] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6222] mkdir("./file0", 0777 [pid 5066] close(4 [pid 6222] <... mkdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 6222] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] rmdir("./93/file0" [pid 6213] +++ exited with 0 +++ [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6213, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./93") = 0 [pid 5066] mkdir("./94", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 260.482961][ T6221] loop1: detected capacity change from 0 to 4096 [ 260.503274][ T6222] loop3: detected capacity change from 0 to 4096 [ 260.525191][ T6222] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5066] close(3 [pid 5064] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... openat resumed>) = 3 [pid 5064] fstat(3, [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6223 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./93/binderfs", ./strace-static-x86_64: Process 6223 attached [pid 6223] chdir("./94" [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6223] <... chdir resumed>) = 0 [pid 5064] unlink("./93/binderfs" [pid 6223] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 6223] setpgid(0, 0 [pid 5064] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6223] <... setpgid resumed>) = 0 [pid 6223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6223] write(3, "1000", 4) = 4 [pid 6223] close(3) = 0 [pid 6223] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6223] memfd_create("syzkaller", 0) = 3 [pid 6223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 260.552792][ T6221] NILFS (loop1): invalid segment: Checksum error in segment payload [ 260.597349][ T6222] NILFS (loop3): trying rollback from an earlier position [ 260.613783][ T6221] NILFS (loop1): trying rollback from an earlier position [pid 6223] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6222] <... mount resumed>) = 0 [pid 6222] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6221] <... mount resumed>) = 0 [pid 6223] <... write resumed>) = 2097152 [pid 6222] chdir("./file0" [pid 6221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6222] <... chdir resumed>) = 0 [pid 6221] <... openat resumed>) = 3 [pid 6222] ioctl(4, LOOP_CLR_FD) = 0 [pid 6222] close(4 [pid 6223] munmap(0x7fc0314e0000, 2097152 [pid 6222] <... close resumed>) = 0 [pid 6221] chdir("./file0" [pid 5064] <... umount2 resumed>) = 0 [pid 6223] <... munmap resumed>) = 0 [ 260.685759][ T6222] NILFS (loop3): recovery complete [ 260.692041][ T6221] NILFS (loop1): recovery complete [ 260.712213][ T6225] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 260.723264][ T6224] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6222] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6223] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6222] <... open resumed>) = 4 [pid 6221] <... chdir resumed>) = 0 [pid 5064] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6222] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6223] <... openat resumed>) = 4 [pid 6222] <... open resumed>) = 5 [pid 6221] ioctl(4, LOOP_CLR_FD [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6223] ioctl(4, LOOP_SET_FD, 3 [pid 6222] ftruncate(5, 33587195 [pid 6221] <... ioctl resumed>) = 0 [pid 6222] <... ftruncate resumed>) = 0 [pid 5064] lstat("./93/file0", [pid 6222] sendfile(4, 5, NULL, 281474978811909 [pid 6223] <... ioctl resumed>) = 0 [pid 6221] close(4 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6223] close(3 [pid 6221] <... close resumed>) = 0 [pid 6223] <... close resumed>) = 0 [pid 6221] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6217] <... sendfile resumed>) = 1048576 [pid 5064] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6223] mkdir("./file0", 0777 [pid 6221] <... open resumed>) = 4 [pid 6217] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6221] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6223] <... mkdir resumed>) = 0 [pid 6221] <... open resumed>) = 5 [pid 6217] <... open resumed>) = -1 EFAULT (Bad address) [pid 6221] ftruncate(5, 33587195 [pid 5064] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6223] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6221] <... ftruncate resumed>) = 0 [pid 6217] exit_group(0 [pid 6221] sendfile(4, 5, NULL, 281474978811909 [pid 6217] <... exit_group resumed>) = ? [pid 5064] <... openat resumed>) = 4 [pid 6217] +++ exited with 0 +++ [pid 5064] fstat(4, [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6217, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5064] getdents64(4, [pid 5068] <... restart_syscall resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [ 260.785832][ T6223] loop2: detected capacity change from 0 to 4096 [pid 5064] getdents64(4, [pid 5068] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] close(4) = 0 [pid 5068] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] rmdir("./93/file0" [pid 5068] <... openat resumed>) = 3 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] fstat(3, [pid 5064] getdents64(3, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] close(3 [pid 5068] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] rmdir("./93" [pid 5068] lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./94/binderfs" [pid 5064] <... rmdir resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] mkdir("./94", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6226 [ 260.849380][ T6223] NILFS (loop2): invalid segment: Checksum error in segment payload [ 260.885298][ T6223] NILFS (loop2): trying rollback from an earlier position ./strace-static-x86_64: Process 6226 attached [pid 6226] chdir("./94") = 0 [pid 6226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6226] setpgid(0, 0) = 0 [pid 6226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6226] write(3, "1000", 4) = 4 [ 260.933891][ T6223] NILFS (loop2): recovery complete [pid 6226] close(3) = 0 [pid 6223] <... mount resumed>) = 0 [pid 6226] symlink("/dev/binderfs", "./binderfs" [pid 6223] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6226] <... symlink resumed>) = 0 [pid 6223] <... openat resumed>) = 3 [pid 6226] memfd_create("syzkaller", 0 [pid 6223] chdir("./file0" [pid 6226] <... memfd_create resumed>) = 3 [pid 6226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6223] <... chdir resumed>) = 0 [pid 6223] ioctl(4, LOOP_CLR_FD) = 0 [pid 6223] close(4) = 0 [ 260.972103][ T6227] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6223] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6223] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6223] ftruncate(5, 33587195) = 0 [pid 6223] sendfile(4, 5, NULL, 281474978811909 [pid 6218] <... sendfile resumed>) = 1048576 [pid 6218] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6218] exit_group(0) = ? [pid 6226] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6218] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6218, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./94/file0", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5068] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(3, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, [pid 5068] <... openat resumed>) = 4 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] fstat(4, [pid 5069] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(4, [pid 5069] lstat("./95/binderfs", [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] getdents64(4, [pid 5069] unlink("./95/binderfs" [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5068] close(4 [pid 5069] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./94/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./94") = 0 [pid 5068] mkdir("./95", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6226] <... write resumed>) = 2097152 [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 6226] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6226] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6228 [pid 6226] <... openat resumed>) = 4 [pid 6226] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6226] close(3) = 0 ./strace-static-x86_64: Process 6228 attached [pid 6226] mkdir("./file0", 0777 [pid 6228] chdir("./95") = 0 [pid 6226] <... mkdir resumed>) = 0 [pid 6228] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6226] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6228] <... prctl resumed>) = 0 [pid 6228] setpgid(0, 0) = 0 [pid 6228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6228] write(3, "1000", 4) = 4 [pid 6228] close(3) = 0 [ 261.223785][ T6226] loop0: detected capacity change from 0 to 4096 [pid 6228] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6228] memfd_create("syzkaller", 0) = 3 [pid 6228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 261.322491][ T6226] NILFS (loop0): invalid segment: Checksum error in segment payload [ 261.351375][ T6226] NILFS (loop0): trying rollback from an earlier position [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./95/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./95") = 0 [pid 6228] <... write resumed>) = 2097152 [pid 5069] mkdir("./96", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6229 ./strace-static-x86_64: Process 6229 attached [pid 6229] chdir("./96") = 0 [pid 6229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6229] setpgid(0, 0) = 0 [pid 6229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6229] write(3, "1000", 4) = 4 [pid 6228] munmap(0x7fc0314e0000, 2097152 [pid 6229] close(3) = 0 [pid 6228] <... munmap resumed>) = 0 [pid 6229] symlink("/dev/binderfs", "./binderfs" [pid 6228] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6229] <... symlink resumed>) = 0 [pid 6228] <... openat resumed>) = 4 [pid 6229] memfd_create("syzkaller", 0 [ 261.462316][ T6226] NILFS (loop0): recovery complete [pid 6228] ioctl(4, LOOP_SET_FD, 3 [pid 6229] <... memfd_create resumed>) = 3 [pid 6228] <... ioctl resumed>) = 0 [pid 6229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6226] <... mount resumed>) = 0 [pid 6226] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6226] chdir("./file0") = 0 [pid 6226] ioctl(4, LOOP_CLR_FD) = 0 [pid 6226] close(4) = 0 [pid 6226] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6228] close(3 [pid 6226] <... open resumed>) = 4 [pid 6228] <... close resumed>) = 0 [pid 6226] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6228] mkdir("./file0", 0777 [pid 6226] <... open resumed>) = 5 [pid 6228] <... mkdir resumed>) = 0 [pid 6226] ftruncate(5, 33587195 [pid 6228] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6226] <... ftruncate resumed>) = 0 [ 261.508362][ T6228] loop4: detected capacity change from 0 to 4096 [ 261.527604][ T6230] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6226] sendfile(4, 5, NULL, 281474978811909 [pid 6229] <... write resumed>) = 2097152 [ 261.619578][ T6228] NILFS (loop4): invalid segment: Checksum error in segment payload [ 261.650040][ T6228] NILFS (loop4): trying rollback from an earlier position [pid 6229] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6229] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6229] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6222] <... sendfile resumed>) = 1048576 [pid 6222] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6222] exit_group(0) = ? [pid 6222] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6222, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 6229] close(3) = 0 [pid 5067] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6229] mkdir("./file0", 0777 [ 261.728939][ T6229] loop5: detected capacity change from 0 to 4096 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6229] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6229] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... openat resumed>) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./95/binderfs") = 0 [ 261.771047][ T6228] NILFS (loop4): recovery complete [pid 5067] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6228] <... mount resumed>) = 0 [pid 6228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6221] <... sendfile resumed>) = 1048576 [pid 6228] <... openat resumed>) = 3 [pid 6228] chdir("./file0") = 0 [pid 6228] ioctl(4, LOOP_CLR_FD [pid 6221] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6228] <... ioctl resumed>) = 0 [pid 6228] close(4) = 0 [pid 6221] <... open resumed>) = -1 EFAULT (Bad address) [pid 6228] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6228] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6221] exit_group(0 [pid 6228] <... open resumed>) = 5 [pid 6221] <... exit_group resumed>) = ? [pid 6228] ftruncate(5, 33587195) = 0 [pid 6228] sendfile(4, 5, NULL, 281474978811909 [pid 6221] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6221, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [ 261.828227][ T6229] NILFS (loop5): invalid segment: Checksum error in segment payload [ 261.836665][ T6231] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 261.862246][ T6229] NILFS (loop5): trying rollback from an earlier position [pid 5065] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./93/binderfs", [pid 6223] <... sendfile resumed>) = 1048576 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6223] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] unlink("./93/binderfs" [pid 6223] <... open resumed>) = -1 EFAULT (Bad address) [pid 6223] exit_group(0 [pid 5065] <... unlink resumed>) = 0 [ 261.924195][ T6229] NILFS (loop5): recovery complete [pid 6229] <... mount resumed>) = 0 [pid 6223] <... exit_group resumed>) = ? [pid 5065] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6223] +++ exited with 0 +++ [pid 6229] <... openat resumed>) = 3 [pid 6229] chdir("./file0") = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6223, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 6229] ioctl(4, LOOP_CLR_FD [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 6229] <... ioctl resumed>) = 0 [pid 6229] close(4 [pid 5066] <... restart_syscall resumed>) = 0 [pid 6229] <... close resumed>) = 0 [pid 6229] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6229] <... open resumed>) = 4 [pid 5066] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6229] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... openat resumed>) = 3 [pid 6229] <... open resumed>) = 5 [pid 6229] ftruncate(5, 33587195 [pid 5066] fstat(3, [pid 6229] <... ftruncate resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6229] sendfile(4, 5, NULL, 281474978811909 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./94/binderfs") = 0 [ 261.972857][ T6232] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./95/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./95") = 0 [pid 5067] mkdir("./96", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6233 ./strace-static-x86_64: Process 6233 attached [pid 6233] chdir("./96") = 0 [pid 6233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6233] setpgid(0, 0) = 0 [pid 6233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6233] write(3, "1000", 4) = 4 [pid 6233] close(3) = 0 [pid 6233] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6233] memfd_create("syzkaller", 0 [pid 5065] <... umount2 resumed>) = 0 [pid 6233] <... memfd_create resumed>) = 3 [pid 6233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6233] <... mmap resumed>) = 0x7fc0314e0000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./93/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./93" [pid 6233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./94", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6234 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6234 attached ) = -1 EINVAL (Invalid argument) [pid 6234] chdir("./94") = 0 [pid 5066] lstat("./94/file0", [pid 6234] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6234] <... prctl resumed>) = 0 [pid 5066] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6234] setpgid(0, 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6234] <... setpgid resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... openat resumed>) = 4 [pid 6234] <... openat resumed>) = 3 [pid 6233] <... write resumed>) = 2097152 [pid 5066] fstat(4, [pid 6234] write(3, "1000", 4 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6234] <... write resumed>) = 4 [pid 5066] getdents64(4, [pid 6234] close(3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6234] <... close resumed>) = 0 [pid 5066] getdents64(4, [pid 6234] symlink("/dev/binderfs", "./binderfs" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6234] <... symlink resumed>) = 0 [pid 5066] close(4 [pid 6234] memfd_create("syzkaller", 0 [pid 5066] <... close resumed>) = 0 [pid 6234] <... memfd_create resumed>) = 3 [pid 5066] rmdir("./94/file0" [pid 6234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6234] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./94") = 0 [pid 5066] mkdir("./95", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 6233] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6233] <... munmap resumed>) = 0 [pid 5066] close(3) = 0 [pid 6233] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6233] <... openat resumed>) = 4 [pid 6233] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6235 ./strace-static-x86_64: Process 6235 attached [pid 6235] chdir("./95") = 0 [pid 6235] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6235] <... prctl resumed>) = 0 [pid 6235] setpgid(0, 0) = 0 [pid 6235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6235] write(3, "1000", 4) = 4 [pid 6235] close(3) = 0 [pid 6235] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6233] <... ioctl resumed>) = 0 [pid 6235] memfd_create("syzkaller", 0 [pid 6233] close(3 [pid 6235] <... memfd_create resumed>) = 3 [pid 6233] <... close resumed>) = 0 [pid 6235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6233] mkdir("./file0", 0777 [pid 6235] <... mmap resumed>) = 0x7fc0314e0000 [pid 6233] <... mkdir resumed>) = 0 [ 262.466338][ T6233] loop3: detected capacity change from 0 to 4096 [pid 6233] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6234] <... write resumed>) = 2097152 [pid 6234] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6234] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 262.556826][ T6233] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6234] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6234] close(3) = 0 [pid 6234] mkdir("./file0", 0777) = 0 [pid 6234] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6235] <... write resumed>) = 2097152 [ 262.599950][ T6234] loop1: detected capacity change from 0 to 4096 [ 262.621142][ T6233] NILFS (loop3): trying rollback from an earlier position [pid 6235] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6235] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 262.659508][ T6234] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 6235] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6226] <... sendfile resumed>) = 1048576 [pid 6226] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6226] exit_group(0) = ? [pid 6235] close(3) = 0 [pid 6226] +++ exited with 0 +++ [pid 6235] mkdir("./file0", 0777 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6226, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 6235] <... mkdir resumed>) = 0 [pid 5064] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW [ 262.705911][ T6234] NILFS (loop1): trying rollback from an earlier position [ 262.707507][ T6235] loop2: detected capacity change from 0 to 4096 [ 262.722651][ T6233] NILFS (loop3): recovery complete [ 262.738099][ T6234] NILFS (loop1): recovery complete [pid 6235] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6234] <... mount resumed>) = 0 [pid 6233] <... mount resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] <... openat resumed>) = 3 [pid 6234] <... openat resumed>) = 3 [pid 6233] <... openat resumed>) = 3 [pid 5064] fstat(3, [pid 6234] chdir("./file0" [pid 6233] chdir("./file0" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6234] <... chdir resumed>) = 0 [pid 6233] <... chdir resumed>) = 0 [pid 5064] getdents64(3, [pid 6234] ioctl(4, LOOP_CLR_FD [pid 6233] ioctl(4, LOOP_CLR_FD [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6234] <... ioctl resumed>) = 0 [pid 6233] <... ioctl resumed>) = 0 [pid 5064] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6234] close(4 [pid 6233] close(4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6234] <... close resumed>) = 0 [pid 6233] <... close resumed>) = 0 [pid 5064] lstat("./94/binderfs", [pid 6234] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6233] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6234] <... open resumed>) = 4 [pid 6233] <... open resumed>) = 4 [pid 5064] unlink("./94/binderfs" [pid 6234] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6233] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... unlink resumed>) = 0 [pid 6234] <... open resumed>) = 5 [pid 6233] <... open resumed>) = 5 [ 262.754828][ T6237] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 262.765957][ T6236] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6234] ftruncate(5, 33587195 [pid 6233] ftruncate(5, 33587195 [pid 6234] <... ftruncate resumed>) = 0 [pid 6233] <... ftruncate resumed>) = 0 [pid 6234] sendfile(4, 5, NULL, 281474978811909 [pid 6233] sendfile(4, 5, NULL, 281474978811909 [pid 6228] <... sendfile resumed>) = 1048576 [pid 6228] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6228] exit_group(0) = ? [pid 6228] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6228, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [pid 5068] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 262.805395][ T6235] NILFS (loop2): invalid segment: Checksum error in segment payload [ 262.834578][ T6235] NILFS (loop2): trying rollback from an earlier position [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./95/binderfs") = 0 [ 262.942101][ T6235] NILFS (loop2): recovery complete [pid 5068] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6235] <... mount resumed>) = 0 [pid 6229] <... sendfile resumed>) = 1048576 [pid 6235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6229] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6235] <... openat resumed>) = 3 [pid 6229] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] <... umount2 resumed>) = 0 [pid 6235] chdir("./file0" [pid 6229] exit_group(0 [pid 5064] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6235] <... chdir resumed>) = 0 [pid 6229] <... exit_group resumed>) = ? [pid 6235] ioctl(4, LOOP_CLR_FD [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6235] <... ioctl resumed>) = 0 [pid 6229] +++ exited with 0 +++ [ 263.012115][ T6238] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] lstat("./94/file0", [pid 6235] close(4) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6229, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6235] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6235] <... open resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6235] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6235] <... open resumed>) = 5 [pid 5069] <... openat resumed>) = 3 [pid 6235] ftruncate(5, 33587195 [pid 5069] fstat(3, [pid 5068] <... umount2 resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6235] <... ftruncate resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6235] sendfile(4, 5, NULL, 281474978811909 [pid 5069] getdents64(3, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... openat resumed>) = 4 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] lstat("./95/file0", [pid 5064] fstat(4, [pid 5069] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] lstat("./96/binderfs", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] getdents64(4, [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] unlink("./96/binderfs" [pid 5068] <... openat resumed>) = 4 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... unlink resumed>) = 0 [pid 5068] fstat(4, [pid 5064] getdents64(4, [pid 5069] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(4, [pid 5064] close(4 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5064] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] rmdir("./94/file0" [pid 5068] close(4) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] rmdir("./95/file0" [pid 5064] getdents64(3, [pid 5068] <... rmdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... close resumed>) = 0 [pid 5068] close(3 [pid 5064] rmdir("./94" [pid 5068] <... close resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] rmdir("./95" [pid 5064] mkdir("./95", 0777 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5068] mkdir("./96", 0777 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 5064] close(3 [pid 5068] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6239 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6240 ./strace-static-x86_64: Process 6239 attached ./strace-static-x86_64: Process 6240 attached [pid 6239] chdir("./96" [pid 6240] chdir("./95") = 0 [pid 6239] <... chdir resumed>) = 0 [pid 6240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6240] setpgid(0, 0) = 0 [pid 6240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6239] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6240] write(3, "1000", 4 [pid 6239] <... prctl resumed>) = 0 [pid 6240] <... write resumed>) = 4 [pid 6239] setpgid(0, 0 [pid 6240] close(3 [pid 6239] <... setpgid resumed>) = 0 [pid 6240] <... close resumed>) = 0 [pid 6240] symlink("/dev/binderfs", "./binderfs" [pid 6239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6240] <... symlink resumed>) = 0 [pid 6240] memfd_create("syzkaller", 0 [pid 6239] <... openat resumed>) = 3 [pid 6240] <... memfd_create resumed>) = 3 [pid 6240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6239] write(3, "1000", 4) = 4 [pid 6239] close(3) = 0 [pid 6239] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6239] memfd_create("syzkaller", 0) = 3 [pid 6239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6239] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6239] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./96/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./96") = 0 [pid 5069] mkdir("./97", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6241 ./strace-static-x86_64: Process 6241 attached [pid 6239] <... write resumed>) = 2097152 [pid 6240] <... write resumed>) = 2097152 [pid 6241] chdir("./97") = 0 [pid 6240] munmap(0x7fc0314e0000, 2097152 [pid 6241] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6239] munmap(0x7fc0314e0000, 2097152 [pid 6241] <... prctl resumed>) = 0 [pid 6240] <... munmap resumed>) = 0 [pid 6241] setpgid(0, 0 [pid 6240] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6239] <... munmap resumed>) = 0 [pid 6241] <... setpgid resumed>) = 0 [pid 6240] <... openat resumed>) = 4 [pid 6239] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6240] ioctl(4, LOOP_SET_FD, 3 [pid 6239] <... openat resumed>) = 4 [pid 6241] <... openat resumed>) = 3 [pid 6239] ioctl(4, LOOP_SET_FD, 3 [pid 6241] write(3, "1000", 4 [pid 6240] <... ioctl resumed>) = 0 [pid 6240] close(3) = 0 [pid 6240] mkdir("./file0", 0777 [pid 6241] <... write resumed>) = 4 [pid 6241] close(3) = 0 [pid 6241] symlink("/dev/binderfs", "./binderfs" [pid 6239] <... ioctl resumed>) = 0 [pid 6241] <... symlink resumed>) = 0 [pid 6241] memfd_create("syzkaller", 0) = 3 [pid 6241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6240] <... mkdir resumed>) = 0 [pid 6239] close(3 [pid 6241] <... mmap resumed>) = 0x7fc0314e0000 [pid 6239] <... close resumed>) = 0 [pid 6240] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6239] mkdir("./file0", 0777) = 0 [ 263.512958][ T6240] loop0: detected capacity change from 0 to 4096 [ 263.525602][ T6239] loop4: detected capacity change from 0 to 4096 [pid 6239] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 263.578732][ T6240] NILFS (loop0): invalid segment: Checksum error in segment payload [ 263.602230][ T6239] NILFS (loop4): invalid segment: Checksum error in segment payload [ 263.606796][ T6240] NILFS (loop0): trying rollback from an earlier position [ 263.659879][ T6239] NILFS (loop4): trying rollback from an earlier position [pid 6241] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6241] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6241] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 263.710248][ T6240] NILFS (loop0): recovery complete [pid 6241] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6241] close(3 [pid 6240] <... mount resumed>) = 0 [pid 6240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6240] chdir("./file0") = 0 [pid 6240] ioctl(4, LOOP_CLR_FD) = 0 [pid 6240] close(4 [pid 6241] <... close resumed>) = 0 [pid 6241] mkdir("./file0", 0777) = 0 [pid 6241] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6240] <... close resumed>) = 0 [ 263.739295][ T6241] loop5: detected capacity change from 0 to 4096 [ 263.740092][ T6239] NILFS (loop4): recovery complete [ 263.759603][ T6242] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6240] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6239] <... mount resumed>) = 0 [pid 6234] <... sendfile resumed>) = 1048576 [pid 6234] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6234] exit_group(0) = ? [pid 6240] <... open resumed>) = 4 [pid 6239] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6234] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6234, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6239] <... openat resumed>) = 3 [pid 6240] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6239] chdir("./file0" [pid 5065] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6240] <... open resumed>) = 5 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6240] ftruncate(5, 33587195 [pid 6239] <... chdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6239] ioctl(4, LOOP_CLR_FD [pid 5065] <... openat resumed>) = 3 [pid 6240] <... ftruncate resumed>) = 0 [pid 6239] <... ioctl resumed>) = 0 [pid 5065] fstat(3, [pid 6240] sendfile(4, 5, NULL, 281474978811909 [pid 6239] close(4 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6239] <... close resumed>) = 0 [pid 5065] getdents64(3, [pid 6239] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6239] <... open resumed>) = 4 [pid 5065] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6239] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./94/binderfs", [pid 6239] <... open resumed>) = 5 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6239] ftruncate(5, 33587195 [ 263.806318][ T6241] NILFS (loop5): invalid segment: Checksum error in segment payload [ 263.814550][ T6243] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] unlink("./94/binderfs" [pid 6239] <... ftruncate resumed>) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 6239] sendfile(4, 5, NULL, 281474978811909 [pid 6233] <... sendfile resumed>) = 1048576 [pid 5065] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6233] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6233] exit_group(0) = ? [pid 6233] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6233, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} --- [pid 5067] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./96/binderfs") = 0 [ 263.855785][ T6241] NILFS (loop5): trying rollback from an earlier position [ 263.929236][ T6241] NILFS (loop5): recovery complete [pid 5067] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6241] <... mount resumed>) = 0 [pid 6241] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6241] chdir("./file0") = 0 [pid 6241] ioctl(4, LOOP_CLR_FD) = 0 [pid 6241] close(4) = 0 [pid 6241] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6241] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6241] ftruncate(5, 33587195) = 0 [ 263.978793][ T6244] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6241] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... openat resumed>) = 4 [pid 6235] <... sendfile resumed>) = 1048576 [pid 5067] fstat(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6235] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6235] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] getdents64(4, [pid 5065] lstat("./94/file0", [pid 6235] exit_group(0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6235] <... exit_group resumed>) = ? [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6235] +++ exited with 0 +++ [pid 5067] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6235, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5065] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... openat resumed>) = 4 [pid 5067] close(4 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5065] fstat(4, [pid 5067] <... close resumed>) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] rmdir("./96/file0" [pid 5065] getdents64(4, [pid 5067] <... rmdir resumed>) = 0 [pid 5066] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(4, [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5066] <... openat resumed>) = 3 [pid 5065] close(4 [pid 5067] <... close resumed>) = 0 [pid 5066] fstat(3, [pid 5065] <... close resumed>) = 0 [pid 5067] rmdir("./96" [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] rmdir("./94/file0" [pid 5067] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5067] mkdir("./97", 0777) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(3, [pid 5067] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5066] lstat("./95/binderfs", [pid 5065] close(3 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... close resumed>) = 0 [pid 5067] close(3 [pid 5066] unlink("./95/binderfs" [pid 5065] rmdir("./94" [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6245 [pid 5065] mkdir("./95", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6245 attached ) = -1 ENXIO (No such device or address) [pid 6245] chdir("./97" [pid 5065] close(3 [pid 6245] <... chdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6245] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6245] <... prctl resumed>) = 0 [pid 6245] setpgid(0, 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6246 [pid 6245] <... setpgid resumed>) = 0 [pid 6245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6245] write(3, "1000", 4) = 4 [pid 6245] close(3) = 0 [pid 6245] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6245] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6246 attached ) = 3 [pid 6246] chdir("./95" [pid 6245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6246] <... chdir resumed>) = 0 [pid 6245] <... mmap resumed>) = 0x7fc0314e0000 [pid 6246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6246] setpgid(0, 0) = 0 [pid 6246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6246] write(3, "1000", 4) = 4 [pid 6246] close(3) = 0 [pid 6246] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6246] memfd_create("syzkaller", 0) = 3 [pid 6246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6245] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 6245] <... write resumed>) = 2097152 [pid 6245] munmap(0x7fc0314e0000, 2097152 [pid 5066] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6245] <... munmap resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6245] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] lstat("./95/file0", [pid 6245] <... openat resumed>) = 4 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6245] ioctl(4, LOOP_SET_FD, 3 [pid 5066] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6245] <... ioctl resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6246] <... write resumed>) = 2097152 [pid 5066] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, [pid 6246] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6246] <... munmap resumed>) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6246] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] getdents64(4, [pid 6246] <... openat resumed>) = 4 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6246] ioctl(4, LOOP_SET_FD, 3 [pid 5066] close(4) = 0 [pid 5066] rmdir("./95/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./95" [pid 6245] close(3 [pid 5066] <... rmdir resumed>) = 0 [pid 6245] <... close resumed>) = 0 [pid 5066] mkdir("./96", 0777 [pid 6245] mkdir("./file0", 0777 [pid 5066] <... mkdir resumed>) = 0 [pid 6245] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6245] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... openat resumed>) = 3 [ 264.528791][ T6245] loop3: detected capacity change from 0 to 4096 [ 264.547102][ T6246] loop1: detected capacity change from 0 to 4096 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 6246] <... ioctl resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6246] close(3) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6247 [pid 6246] mkdir("./file0", 0777) = 0 [pid 6246] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6247 attached [pid 6247] chdir("./96") = 0 [pid 6247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6247] setpgid(0, 0) = 0 [pid 6247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6247] write(3, "1000", 4) = 4 [ 264.574334][ T6245] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6247] close(3) = 0 [pid 6247] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6247] memfd_create("syzkaller", 0) = 3 [pid 6247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 264.626233][ T6246] NILFS (loop1): invalid segment: Checksum error in segment payload [ 264.661889][ T6245] NILFS (loop3): trying rollback from an earlier position [ 264.677607][ T6246] NILFS (loop1): trying rollback from an earlier position [pid 6247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [ 264.740394][ T6246] NILFS (loop1): recovery complete [ 264.746863][ T6245] NILFS (loop3): recovery complete [pid 6246] <... mount resumed>) = 0 [pid 6245] <... mount resumed>) = 0 [pid 6246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6245] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6246] <... openat resumed>) = 3 [pid 6245] <... openat resumed>) = 3 [pid 6246] chdir("./file0" [pid 6245] chdir("./file0" [pid 6246] <... chdir resumed>) = 0 [pid 6245] <... chdir resumed>) = 0 [pid 6246] ioctl(4, LOOP_CLR_FD [pid 6245] ioctl(4, LOOP_CLR_FD [pid 6246] <... ioctl resumed>) = 0 [pid 6245] <... ioctl resumed>) = 0 [pid 6246] close(4 [pid 6245] close(4 [pid 6246] <... close resumed>) = 0 [pid 6245] <... close resumed>) = 0 [pid 6247] munmap(0x7fc0314e0000, 2097152 [pid 6246] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6240] <... sendfile resumed>) = 1048576 [pid 6240] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6240] exit_group(0) = ? [pid 6245] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6240] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6240, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6245] <... open resumed>) = 4 [pid 5064] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6246] <... open resumed>) = 4 [pid 6245] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6246] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6245] <... open resumed>) = 5 [pid 5064] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6246] <... open resumed>) = 5 [pid 6245] ftruncate(5, 33587195 [pid 5064] fstat(3, [pid 6246] ftruncate(5, 33587195 [pid 6245] <... ftruncate resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6246] <... ftruncate resumed>) = 0 [pid 6245] sendfile(4, 5, NULL, 281474978811909 [pid 5064] getdents64(3, [pid 6246] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6247] <... munmap resumed>) = 0 [pid 5064] unlink("./95/binderfs") = 0 [pid 6247] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 264.785769][ T6248] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 264.795653][ T6249] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6247] <... openat resumed>) = 4 [pid 6239] <... sendfile resumed>) = 1048576 [pid 6247] ioctl(4, LOOP_SET_FD, 3 [pid 6239] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6239] exit_group(0) = ? [pid 6239] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6239, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5068] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6247] <... ioctl resumed>) = 0 [pid 5068] getdents64(3, [pid 6247] close(3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6247] <... close resumed>) = 0 [pid 5068] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6247] mkdir("./file0", 0777 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6247] <... mkdir resumed>) = 0 [pid 5068] lstat("./96/binderfs", [pid 6247] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./96/binderfs") = 0 [ 264.881780][ T6247] loop2: detected capacity change from 0 to 4096 [ 264.957854][ T6247] NILFS (loop2): invalid segment: Checksum error in segment payload [ 264.990048][ T6247] NILFS (loop2): trying rollback from an earlier position [ 265.062922][ T6247] NILFS (loop2): recovery complete [pid 5068] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6247] <... mount resumed>) = 0 [pid 6247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... umount2 resumed>) = 0 [pid 6247] <... openat resumed>) = 3 [pid 5068] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6247] chdir("./file0" [pid 5064] <... umount2 resumed>) = 0 [pid 6247] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6247] ioctl(4, LOOP_CLR_FD [pid 5064] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6247] <... ioctl resumed>) = 0 [pid 5068] lstat("./96/file0", [pid 6247] close(4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6247] <... close resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] lstat("./95/file0", [pid 6247] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6247] <... open resumed>) = 4 [pid 5068] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6247] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... openat resumed>) = 4 [pid 5064] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6247] <... open resumed>) = 5 [pid 5068] fstat(4, [pid 5064] <... openat resumed>) = 4 [pid 6247] ftruncate(5, 33587195 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 265.106297][ T6250] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] fstat(4, [pid 6247] <... ftruncate resumed>) = 0 [pid 5068] getdents64(4, [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6247] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4 [pid 5068] getdents64(4, [pid 5064] <... close resumed>) = 0 [pid 6241] <... sendfile resumed>) = 1048576 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] rmdir("./95/file0" [pid 6241] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] close(4) = 0 [pid 5068] rmdir("./96/file0" [pid 6241] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... rmdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5064] getdents64(3, [pid 6241] exit_group(0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6241] <... exit_group resumed>) = ? [pid 5068] close(3 [pid 5064] close(3 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./96" [pid 5064] <... close resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] rmdir("./95" [pid 6241] +++ exited with 0 +++ [pid 5068] mkdir("./97", 0777) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6241, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] mkdir("./96", 0777 [pid 5069] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5069] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... mkdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5068] close(3 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] fstat(3, [pid 5068] <... close resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5069] getdents64(3, [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] close(3 [pid 5069] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6251 [pid 5064] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] lstat("./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6252 [pid 5069] unlink("./97/binderfs") = 0 [pid 5069] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6252 attached [pid 6252] chdir("./96") = 0 [pid 6252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6252] setpgid(0, 0) = 0 [pid 6252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6252] write(3, "1000", 4) = 4 [pid 6252] close(3) = 0 [pid 6252] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 6251 attached [pid 6252] memfd_create("syzkaller", 0 [pid 6251] chdir("./97" [pid 6252] <... memfd_create resumed>) = 3 [pid 6251] <... chdir resumed>) = 0 [pid 6252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6251] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6252] <... mmap resumed>) = 0x7fc0314e0000 [pid 6251] <... prctl resumed>) = 0 [pid 6251] setpgid(0, 0) = 0 [pid 6251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6251] write(3, "1000", 4) = 4 [pid 6251] close(3) = 0 [pid 6251] symlink("/dev/binderfs", "./binderfs" [pid 6252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6251] <... symlink resumed>) = 0 [pid 6251] memfd_create("syzkaller", 0) = 3 [pid 6251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6252] <... write resumed>) = 2097152 [pid 5069] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6252] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6252] <... munmap resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6252] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6251] <... write resumed>) = 2097152 [pid 5069] <... openat resumed>) = 4 [pid 6252] <... openat resumed>) = 4 [pid 5069] fstat(4, [pid 6252] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, [pid 6252] <... ioctl resumed>) = 0 [pid 6251] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6252] close(3 [pid 6251] <... munmap resumed>) = 0 [pid 5069] getdents64(4, [pid 6252] <... close resumed>) = 0 [pid 6251] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6252] mkdir("./file0", 0777 [pid 6251] <... openat resumed>) = 4 [pid 5069] close(4 [pid 6252] <... mkdir resumed>) = 0 [pid 6251] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... close resumed>) = 0 [pid 6252] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] rmdir("./97/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./97") = 0 [pid 6251] <... ioctl resumed>) = 0 [pid 5069] mkdir("./98", 0777 [pid 6251] close(3 [pid 5069] <... mkdir resumed>) = 0 [pid 6251] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6251] mkdir("./file0", 0777 [pid 5069] <... openat resumed>) = 3 [ 265.473155][ T6252] loop0: detected capacity change from 0 to 4096 [ 265.509740][ T6251] loop4: detected capacity change from 0 to 4096 [pid 6251] <... mkdir resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6251] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6253 [ 265.533493][ T6252] NILFS (loop0): invalid segment: Checksum error in segment payload ./strace-static-x86_64: Process 6253 attached [pid 6253] chdir("./98") = 0 [pid 6253] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6253] setpgid(0, 0) = 0 [pid 6253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6253] write(3, "1000", 4) = 4 [pid 6253] close(3) = 0 [pid 6253] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6253] memfd_create("syzkaller", 0) = 3 [pid 6253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 265.573858][ T6251] NILFS (loop4): invalid segment: Checksum error in segment payload [ 265.595382][ T6252] NILFS (loop0): trying rollback from an earlier position [ 265.636433][ T6251] NILFS (loop4): trying rollback from an earlier position [ 265.671706][ T6252] NILFS (loop0): recovery complete [pid 6253] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6252] <... mount resumed>) = 0 [pid 6252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6252] chdir("./file0") = 0 [pid 6252] ioctl(4, LOOP_CLR_FD) = 0 [pid 6252] close(4) = 0 [pid 6252] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6252] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6252] ftruncate(5, 33587195) = 0 [ 265.699798][ T6254] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 265.720827][ T6251] NILFS (loop4): recovery complete [pid 6252] sendfile(4, 5, NULL, 281474978811909 [pid 6253] <... write resumed>) = 2097152 [pid 6253] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6253] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6253] ioctl(4, LOOP_SET_FD, 3 [pid 6251] <... mount resumed>) = 0 [pid 6251] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6251] chdir("./file0") = 0 [pid 6251] ioctl(4, LOOP_CLR_FD) = 0 [pid 6251] close(4) = 0 [pid 6251] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6251] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6251] ftruncate(5, 33587195) = 0 [ 265.772287][ T6255] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 265.779246][ T6253] loop5: detected capacity change from 0 to 4096 [pid 6251] sendfile(4, 5, NULL, 281474978811909 [pid 6253] <... ioctl resumed>) = 0 [pid 6253] close(3) = 0 [pid 6253] mkdir("./file0", 0777) = 0 [pid 6253] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6245] <... sendfile resumed>) = 1048576 [pid 6245] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6245] exit_group(0) = ? [pid 6245] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6245, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 265.938419][ T6253] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5067] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, [pid 6246] <... sendfile resumed>) = 1048576 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6246] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] getdents64(3, [pid 6246] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6246] exit_group(0 [pid 5067] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6246] <... exit_group resumed>) = ? [pid 5067] lstat("./97/binderfs", [pid 6246] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6246, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./97/binderfs" [pid 5065] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... unlink resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5067] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 265.980268][ T6253] NILFS (loop5): trying rollback from an earlier position [pid 5065] unlink("./95/binderfs") = 0 [ 266.078765][ T6253] NILFS (loop5): recovery complete [pid 5065] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6253] <... mount resumed>) = 0 [pid 6253] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6253] chdir("./file0") = 0 [pid 6253] ioctl(4, LOOP_CLR_FD) = 0 [pid 6253] close(4) = 0 [pid 6253] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6253] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6253] ftruncate(5, 33587195) = 0 [ 266.140147][ T6256] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6253] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] <... umount2 resumed>) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] close(4) = 0 [pid 5067] rmdir("./97/file0" [pid 5065] lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] getdents64(3, [pid 5065] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5065] <... openat resumed>) = 4 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./97" [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] mkdir("./98", 0777 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] rmdir("./95/file0" [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... rmdir resumed>) = 0 [pid 6247] <... sendfile resumed>) = 1048576 [pid 5065] getdents64(3, [pid 6247] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6247] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] close(3 [pid 6247] exit_group(0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] <... close resumed>) = 0 [pid 6247] <... exit_group resumed>) = ? [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] rmdir("./95" [pid 6247] +++ exited with 0 +++ [pid 5067] close(3 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./96", 0777 [pid 5067] <... close resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6247, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5065] <... mkdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6257 ./strace-static-x86_64: Process 6257 attached [pid 6257] chdir("./96") = 0 [pid 6257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6257] setpgid(0, 0) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6257] write(3, "1000", 4 [pid 5066] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6257] <... write resumed>) = 4 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6258 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6257] close(3 [pid 5066] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6257] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6257] symlink("/dev/binderfs", "./binderfs" [pid 5066] getdents64(3, [pid 6257] <... symlink resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6257] memfd_create("syzkaller", 0) = 3 [pid 6257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./96/binderfs") = 0 [pid 5066] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6258 attached [pid 6258] chdir("./98") = 0 [pid 6258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6258] setpgid(0, 0) = 0 [pid 6258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6258] write(3, "1000", 4) = 4 [pid 6258] close(3) = 0 [pid 6258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6258] memfd_create("syzkaller", 0) = 3 [pid 6258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6257] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6257] <... write resumed>) = 2097152 [pid 6257] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6257] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6257] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6257] close(3) = 0 [pid 6258] <... write resumed>) = 2097152 [pid 6257] mkdir("./file0", 0777 [pid 6258] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6257] <... mkdir resumed>) = 0 [pid 6257] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6258] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 266.646252][ T6257] loop1: detected capacity change from 0 to 4096 [pid 6258] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6258] <... ioctl resumed>) = 0 [ 266.703770][ T6258] loop3: detected capacity change from 0 to 4096 [pid 6258] close(3 [pid 5066] <... openat resumed>) = 4 [pid 6258] <... close resumed>) = 0 [pid 6258] mkdir("./file0", 0777) = 0 [pid 5066] fstat(4, [pid 6258] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./96/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [ 266.763764][ T6257] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5066] rmdir("./96") = 0 [pid 5066] mkdir("./97", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6259 [ 266.819271][ T6257] NILFS (loop1): trying rollback from an earlier position [ 266.827419][ T6258] NILFS (loop3): invalid segment: Checksum error in segment payload ./strace-static-x86_64: Process 6259 attached [pid 6259] chdir("./97" [pid 6252] <... sendfile resumed>) = 1048576 [pid 6252] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6259] <... chdir resumed>) = 0 [pid 6252] <... open resumed>) = -1 EFAULT (Bad address) [pid 6259] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6252] exit_group(0 [pid 6259] <... prctl resumed>) = 0 [pid 6252] <... exit_group resumed>) = ? [pid 6259] setpgid(0, 0 [pid 6252] +++ exited with 0 +++ [pid 6259] <... setpgid resumed>) = 0 [pid 6259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6252, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5064] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6259] <... openat resumed>) = 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6259] write(3, "1000", 4 [pid 5064] fstat(3, [pid 6259] <... write resumed>) = 4 [pid 6259] close(3 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6259] <... close resumed>) = 0 [pid 6259] symlink("/dev/binderfs", "./binderfs" [pid 5064] getdents64(3, [pid 6259] <... symlink resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6259] memfd_create("syzkaller", 0) = 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6259] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] unlink("./96/binderfs") = 0 [pid 5064] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6251] <... sendfile resumed>) = 1048576 [ 266.878425][ T6258] NILFS (loop3): trying rollback from an earlier position [ 266.907653][ T6257] NILFS (loop1): recovery complete [pid 6257] <... mount resumed>) = 0 [pid 6251] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6257] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6251] <... open resumed>) = -1 EFAULT (Bad address) [pid 6257] <... openat resumed>) = 3 [pid 6251] exit_group(0 [pid 6257] chdir("./file0" [pid 6251] <... exit_group resumed>) = ? [pid 6257] <... chdir resumed>) = 0 [pid 6257] ioctl(4, LOOP_CLR_FD) = 0 [pid 6257] close(4) = 0 [pid 6251] +++ exited with 0 +++ [pid 6257] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6251, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6257] <... open resumed>) = 4 [pid 6257] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6257] <... open resumed>) = 5 [pid 5068] <... openat resumed>) = 3 [pid 6257] ftruncate(5, 33587195 [ 266.947146][ T6258] NILFS (loop3): recovery complete [ 266.957673][ T6260] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] fstat(3, [pid 6257] <... ftruncate resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6257] sendfile(4, 5, NULL, 281474978811909 [pid 5068] getdents64(3, [pid 6258] <... mount resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6258] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6258] chdir("./file0" [pid 5068] lstat("./97/binderfs", [pid 6258] <... chdir resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6258] ioctl(4, LOOP_CLR_FD [pid 5068] unlink("./97/binderfs" [pid 6258] <... ioctl resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 6258] close(4 [pid 5068] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6259] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6258] <... close resumed>) = 0 [pid 6258] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6258] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6258] ftruncate(5, 33587195) = 0 [ 267.000902][ T6261] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6258] sendfile(4, 5, NULL, 281474978811909 [pid 6259] <... write resumed>) = 2097152 [pid 6259] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6259] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6259] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6259] close(3) = 0 [pid 6259] mkdir("./file0", 0777) = 0 [ 267.191751][ T6259] loop2: detected capacity change from 0 to 4096 [pid 6259] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./96/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./96") = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5064] mkdir("./97", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6262 ./strace-static-x86_64: Process 6262 attached [pid 6262] chdir("./97") = 0 [pid 6262] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6253] <... sendfile resumed>) = 1048576 [pid 5068] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6262] <... prctl resumed>) = 0 [pid 6253] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6262] setpgid(0, 0 [pid 6253] <... open resumed>) = -1 EFAULT (Bad address) [pid 6262] <... setpgid resumed>) = 0 [pid 6262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6253] exit_group(0 [pid 5068] lstat("./97/file0", [pid 6262] <... openat resumed>) = 3 [pid 6253] <... exit_group resumed>) = ? [pid 6262] write(3, "1000", 4 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6262] <... write resumed>) = 4 [pid 6262] close(3 [pid 6253] +++ exited with 0 +++ [pid 6262] <... close resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6253, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5068] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 267.316237][ T6259] NILFS (loop2): invalid segment: Checksum error in segment payload [ 267.324857][ T6259] NILFS (loop2): trying rollback from an earlier position [pid 6262] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6262] <... symlink resumed>) = 0 [pid 6262] memfd_create("syzkaller", 0 [pid 5069] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6262] <... memfd_create resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 4 [pid 6262] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... openat resumed>) = 3 [pid 5069] fstat(3, [ 267.376926][ T6259] NILFS (loop2): recovery complete [pid 5068] fstat(4, [pid 6259] <... mount resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./98/binderfs") = 0 [pid 5069] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, [pid 6259] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./97/file0" [pid 6259] <... openat resumed>) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 6259] chdir("./file0" [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6259] <... chdir resumed>) = 0 [pid 5068] close(3 [pid 6259] ioctl(4, LOOP_CLR_FD [pid 5068] <... close resumed>) = 0 [pid 6259] <... ioctl resumed>) = 0 [pid 5068] rmdir("./97" [pid 6259] close(4 [pid 6262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... rmdir resumed>) = 0 [pid 6259] <... close resumed>) = 0 [ 267.398302][ T6263] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] mkdir("./98", 0777 [pid 6259] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6259] <... open resumed>) = 4 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6259] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 6259] <... open resumed>) = 5 [pid 5068] <... close resumed>) = 0 [pid 6259] ftruncate(5, 33587195 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6259] <... ftruncate resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6264 [pid 6259] sendfile(4, 5, NULL, 281474978811909./strace-static-x86_64: Process 6264 attached [pid 6264] chdir("./98") = 0 [pid 6264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6264] setpgid(0, 0) = 0 [pid 6264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] <... umount2 resumed>) = 0 [pid 6264] write(3, "1000", 4) = 4 [pid 6264] close(3) = 0 [pid 6264] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6264] memfd_create("syzkaller", 0) = 3 [pid 6264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5069] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6262] <... write resumed>) = 2097152 [pid 5069] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6262] munmap(0x7fc0314e0000, 2097152 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 6264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6262] <... munmap resumed>) = 0 [pid 6262] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] close(4 [pid 6262] <... openat resumed>) = 4 [pid 5069] <... close resumed>) = 0 [pid 6262] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5069] rmdir("./98/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 6262] close(3) = 0 [pid 6262] mkdir("./file0", 0777 [pid 5069] rmdir("./98") = 0 [pid 5069] mkdir("./99", 0777 [pid 6262] <... mkdir resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6262] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6265 ./strace-static-x86_64: Process 6265 attached [pid 6265] chdir("./99") = 0 [pid 6265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 267.627326][ T6262] loop0: detected capacity change from 0 to 4096 [pid 6265] setpgid(0, 0) = 0 [pid 6265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6265] write(3, "1000", 4 [pid 6264] <... write resumed>) = 2097152 [ 267.701667][ T6262] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6265] <... write resumed>) = 4 [pid 6264] munmap(0x7fc0314e0000, 2097152 [pid 6265] close(3 [pid 6264] <... munmap resumed>) = 0 [pid 6265] <... close resumed>) = 0 [pid 6264] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6265] symlink("/dev/binderfs", "./binderfs" [pid 6264] <... openat resumed>) = 4 [pid 6265] <... symlink resumed>) = 0 [pid 6264] ioctl(4, LOOP_SET_FD, 3 [pid 6265] memfd_create("syzkaller", 0 [pid 6264] <... ioctl resumed>) = 0 [pid 6265] <... memfd_create resumed>) = 3 [pid 6264] close(3 [pid 6265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6264] <... close resumed>) = 0 [pid 6265] <... mmap resumed>) = 0x7fc0314e0000 [pid 6264] mkdir("./file0", 0777) = 0 [ 267.746832][ T6262] NILFS (loop0): trying rollback from an earlier position [ 267.768382][ T6264] loop4: detected capacity change from 0 to 4096 [pid 6264] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 267.808180][ T6262] NILFS (loop0): recovery complete [pid 6265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6262] <... mount resumed>) = 0 [pid 6262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6262] chdir("./file0") = 0 [pid 6262] ioctl(4, LOOP_CLR_FD) = 0 [pid 6262] close(4) = 0 [pid 6262] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6265] <... write resumed>) = 2097152 [pid 6262] <... open resumed>) = 4 [pid 6262] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 267.842234][ T6266] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 267.882093][ T6264] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6262] ftruncate(5, 33587195) = 0 [pid 6262] sendfile(4, 5, NULL, 281474978811909 [pid 6265] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6265] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6265] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6265] close(3) = 0 [pid 6265] mkdir("./file0", 0777) = 0 [ 267.933812][ T6264] NILFS (loop4): trying rollback from an earlier position [ 267.973005][ T6265] loop5: detected capacity change from 0 to 4096 [ 268.014005][ T6265] NILFS (loop5): invalid segment: Checksum error in segment payload [ 268.041744][ T6264] NILFS (loop4): recovery complete [pid 6265] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6264] <... mount resumed>) = 0 [pid 6264] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6264] chdir("./file0") = 0 [pid 6264] ioctl(4, LOOP_CLR_FD) = 0 [pid 6264] close(4) = 0 [pid 6264] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6264] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 268.071877][ T6267] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 268.073092][ T6265] NILFS (loop5): trying rollback from an earlier position [pid 6264] ftruncate(5, 33587195) = 0 [pid 6264] sendfile(4, 5, NULL, 281474978811909 [pid 6257] <... sendfile resumed>) = 1048576 [pid 6257] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6257] exit_group(0) = ? [pid 6257] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6257, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6258] <... sendfile resumed>) = 1048576 [pid 5065] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6258] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6258] exit_group(0) = ? [pid 6258] +++ exited with 0 +++ [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6258, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, [pid 5067] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, [pid 5067] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] fstat(3, [pid 5065] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] getdents64(3, [pid 5065] lstat("./96/binderfs", [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] unlink("./96/binderfs" [pid 5067] lstat("./98/binderfs", [pid 5065] <... unlink resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./98/binderfs" [pid 5065] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... unlink resumed>) = 0 [ 268.251030][ T6265] NILFS (loop5): recovery complete [pid 5067] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6265] <... mount resumed>) = 0 [pid 6265] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6265] chdir("./file0") = 0 [pid 6265] ioctl(4, LOOP_CLR_FD) = 0 [pid 6265] close(4) = 0 [pid 6265] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6265] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6265] ftruncate(5, 33587195) = 0 [ 268.296629][ T6268] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6265] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./98/file0", [pid 5065] lstat("./96/file0", [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 4 [pid 5067] fstat(4, [pid 5065] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, [pid 5065] <... openat resumed>) = 4 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] fstat(4, [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] close(4 [pid 5065] getdents64(4, [pid 5067] <... close resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] rmdir("./98/file0" [pid 5065] getdents64(4, [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] getdents64(3, [pid 5065] close(4 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] <... close resumed>) = 0 [pid 5067] close(3 [pid 5065] rmdir("./96/file0" [pid 5067] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 6259] <... sendfile resumed>) = 1048576 [pid 5067] rmdir("./98" [pid 5065] getdents64(3, [pid 6259] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6259] exit_group(0 [pid 5067] mkdir("./99", 0777 [pid 5065] close(3 [pid 6259] <... exit_group resumed>) = ? [pid 5067] <... mkdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6259] +++ exited with 0 +++ [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] rmdir("./96" [pid 5067] <... openat resumed>) = 3 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6259, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] <... rmdir resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] mkdir("./97", 0777 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... mkdir resumed>) = 0 [pid 5067] close(3 [pid 5066] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] <... close resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... openat resumed>) = 3 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5066] <... openat resumed>) = 3 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6269 [pid 5066] fstat(3, [pid 5065] close(3 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... close resumed>) = 0 [pid 5066] getdents64(3, [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6270 attached ./strace-static-x86_64: Process 6269 attached [pid 5066] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6270 [pid 6269] chdir("./99" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6270] chdir("./97" [pid 5066] lstat("./97/binderfs", [pid 6269] <... chdir resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./97/binderfs" [pid 6270] <... chdir resumed>) = 0 [pid 6269] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... unlink resumed>) = 0 [pid 6270] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6270] <... prctl resumed>) = 0 [pid 6269] <... prctl resumed>) = 0 [pid 6270] setpgid(0, 0 [pid 6269] setpgid(0, 0 [pid 6270] <... setpgid resumed>) = 0 [pid 6269] <... setpgid resumed>) = 0 [pid 6270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6270] <... openat resumed>) = 3 [pid 6269] write(3, "1000", 4 [pid 6270] write(3, "1000", 4 [pid 6269] <... write resumed>) = 4 [pid 6270] <... write resumed>) = 4 [pid 6270] close(3 [pid 6269] close(3 [pid 6270] <... close resumed>) = 0 [pid 6269] <... close resumed>) = 0 [pid 6270] symlink("/dev/binderfs", "./binderfs" [pid 6269] symlink("/dev/binderfs", "./binderfs" [pid 6270] <... symlink resumed>) = 0 [pid 6269] <... symlink resumed>) = 0 [pid 6270] memfd_create("syzkaller", 0) = 3 [pid 6269] memfd_create("syzkaller", 0 [pid 6270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6269] <... memfd_create resumed>) = 3 [pid 6270] <... mmap resumed>) = 0x7fc0314e0000 [pid 6269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6269] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6270] <... write resumed>) = 2097152 [pid 6269] munmap(0x7fc0314e0000, 2097152 [pid 6270] munmap(0x7fc0314e0000, 2097152 [pid 6269] <... munmap resumed>) = 0 [pid 6270] <... munmap resumed>) = 0 [pid 6270] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6270] <... openat resumed>) = 4 [pid 6269] <... openat resumed>) = 4 [pid 6270] ioctl(4, LOOP_SET_FD, 3 [pid 6269] ioctl(4, LOOP_SET_FD, 3 [pid 6270] <... ioctl resumed>) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6270] close(3) = 0 [pid 6270] mkdir("./file0", 0777) = 0 [pid 5066] getdents64(4, [pid 6270] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6269] <... ioctl resumed>) = 0 [pid 6269] close(3) = 0 [pid 6269] mkdir("./file0", 0777 [pid 5066] close(4) = 0 [pid 6269] <... mkdir resumed>) = 0 [pid 6269] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 268.958395][ T6270] loop1: detected capacity change from 0 to 4096 [ 268.965244][ T6269] loop3: detected capacity change from 0 to 4096 [pid 5066] rmdir("./97/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./97") = 0 [ 269.027173][ T6269] NILFS (loop3): invalid segment: Checksum error in segment payload [ 269.038578][ T6269] NILFS (loop3): trying rollback from an earlier position [ 269.046726][ T6270] NILFS (loop1): invalid segment: Checksum error in segment payload [ 269.054766][ T6270] NILFS (loop1): trying rollback from an earlier position [pid 5066] mkdir("./98", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6272 ./strace-static-x86_64: Process 6272 attached [ 269.075388][ T6269] NILFS (loop3): recovery complete [pid 6272] chdir("./98" [pid 6262] <... sendfile resumed>) = 1048576 [pid 6272] <... chdir resumed>) = 0 [pid 6262] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [ 269.098579][ T6270] NILFS (loop1): recovery complete [pid 6272] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6262] <... open resumed>) = -1 EFAULT (Bad address) [pid 6272] <... prctl resumed>) = 0 [pid 6269] <... mount resumed>) = 0 [pid 6262] exit_group(0) = ? [pid 6272] setpgid(0, 0 [pid 6269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6262] +++ exited with 0 +++ [pid 6272] <... setpgid resumed>) = 0 [pid 6269] <... openat resumed>) = 3 [pid 6272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6262, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 6269] chdir("./file0" [pid 6272] <... openat resumed>) = 3 [pid 6269] <... chdir resumed>) = 0 [pid 6272] write(3, "1000", 4 [pid 6269] ioctl(4, LOOP_CLR_FD [pid 5064] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6269] <... ioctl resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6272] <... write resumed>) = 4 [pid 6272] close(3 [pid 6269] close(4 [pid 5064] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6272] <... close resumed>) = 0 [pid 6269] <... close resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 6272] symlink("/dev/binderfs", "./binderfs" [pid 6269] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] fstat(3, [pid 6272] <... symlink resumed>) = 0 [ 269.124096][ T6271] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6272] memfd_create("syzkaller", 0 [pid 6269] <... open resumed>) = 4 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6272] <... memfd_create resumed>) = 3 [pid 6269] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] getdents64(3, [pid 6272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6269] <... open resumed>) = 5 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6272] <... mmap resumed>) = 0x7fc0314e0000 [pid 6270] <... mount resumed>) = 0 [pid 6269] ftruncate(5, 33587195 [pid 5064] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6269] <... ftruncate resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6270] <... openat resumed>) = 3 [pid 6269] sendfile(4, 5, NULL, 281474978811909 [pid 5064] lstat("./97/binderfs", [pid 6270] chdir("./file0" [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6270] <... chdir resumed>) = 0 [pid 5064] unlink("./97/binderfs" [pid 6270] ioctl(4, LOOP_CLR_FD [pid 5064] <... unlink resumed>) = 0 [pid 6270] <... ioctl resumed>) = 0 [pid 5064] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6270] close(4) = 0 [ 269.168201][ T6273] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6270] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6270] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6270] ftruncate(5, 33587195 [pid 6272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6270] <... ftruncate resumed>) = 0 [pid 6270] sendfile(4, 5, NULL, 281474978811909 [pid 6264] <... sendfile resumed>) = 1048576 [pid 6264] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6264] exit_group(0) = ? [pid 6264] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6264, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6265] <... sendfile resumed>) = 1048576 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6265] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] lstat("./98/binderfs", [pid 6265] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6265] exit_group(0 [pid 5068] unlink("./98/binderfs" [pid 6265] <... exit_group resumed>) = ? [pid 5068] <... unlink resumed>) = 0 [pid 6265] +++ exited with 0 +++ [pid 5068] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6265, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=29 /* 0.29 s */} --- [pid 5069] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./99/binderfs") = 0 [pid 5069] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6272] <... write resumed>) = 2097152 [pid 6272] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6272] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6272] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./97/file0", [pid 6272] <... ioctl resumed>) = 0 [pid 6272] close(3) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6272] mkdir("./file0", 0777) = 0 [pid 5064] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6272] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./97/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./97") = 0 [pid 5064] mkdir("./98", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [ 269.410189][ T6272] loop2: detected capacity change from 0 to 4096 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6274 ./strace-static-x86_64: Process 6274 attached [pid 6274] chdir("./98") = 0 [pid 6274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6274] setpgid(0, 0) = 0 [pid 6274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6274] write(3, "1000", 4) = 4 [pid 6274] close(3) = 0 [pid 6274] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6274] memfd_create("syzkaller", 0) = 3 [pid 6274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 269.478338][ T6272] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./98/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 6274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./98") = 0 [pid 5068] mkdir("./99", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 269.541064][ T6272] NILFS (loop2): trying rollback from an earlier position [pid 5068] close(3 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6275 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 ./strace-static-x86_64: Process 6275 attached [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6275] chdir("./99") = 0 [pid 5069] getdents64(4, [pid 6275] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6275] <... prctl resumed>) = 0 [pid 5069] getdents64(4, [pid 6275] setpgid(0, 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6275] <... setpgid resumed>) = 0 [pid 5069] close(4 [pid 6275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... close resumed>) = 0 [pid 6275] <... openat resumed>) = 3 [pid 6272] <... mount resumed>) = 0 [pid 5069] rmdir("./99/file0" [pid 6275] write(3, "1000", 4 [pid 6272] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 6275] <... write resumed>) = 4 [pid 6272] <... openat resumed>) = 3 [pid 6275] close(3 [pid 6272] chdir("./file0" [pid 5069] getdents64(3, [pid 6275] <... close resumed>) = 0 [pid 6272] <... chdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6275] symlink("/dev/binderfs", "./binderfs" [pid 6272] ioctl(4, LOOP_CLR_FD [pid 5069] close(3 [pid 6275] <... symlink resumed>) = 0 [pid 6272] <... ioctl resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 6272] close(4 [pid 6275] memfd_create("syzkaller", 0 [pid 5069] rmdir("./99" [pid 6275] <... memfd_create resumed>) = 3 [pid 6274] <... write resumed>) = 2097152 [pid 6272] <... close resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 6275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6272] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6275] <... mmap resumed>) = 0x7fc0314e0000 [pid 6272] <... open resumed>) = 4 [pid 5069] mkdir("./100", 0777 [pid 6272] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6272] ftruncate(5, 33587195) = 0 [pid 6272] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... mkdir resumed>) = 0 [ 269.635826][ T6272] NILFS (loop2): recovery complete [ 269.652198][ T6276] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 6274] munmap(0x7fc0314e0000, 2097152 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 6275] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6274] <... munmap resumed>) = 0 [pid 6274] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] <... close resumed>) = 0 [pid 6274] <... openat resumed>) = 4 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6274] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6277 [pid 6274] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6277 attached [pid 6277] chdir("./100" [pid 6274] close(3 [pid 6277] <... chdir resumed>) = 0 [pid 6274] <... close resumed>) = 0 [pid 6277] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6274] mkdir("./file0", 0777 [pid 6277] <... prctl resumed>) = 0 [pid 6274] <... mkdir resumed>) = 0 [ 269.745875][ T6274] loop0: detected capacity change from 0 to 4096 [pid 6277] setpgid(0, 0 [pid 6275] <... write resumed>) = 2097152 [pid 6274] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6277] <... setpgid resumed>) = 0 [pid 6275] munmap(0x7fc0314e0000, 2097152 [pid 6277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6275] <... munmap resumed>) = 0 [pid 6277] <... openat resumed>) = 3 [pid 6275] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6277] write(3, "1000", 4 [pid 6275] <... openat resumed>) = 4 [pid 6277] <... write resumed>) = 4 [pid 6275] ioctl(4, LOOP_SET_FD, 3 [pid 6277] close(3 [pid 6275] <... ioctl resumed>) = 0 [pid 6277] <... close resumed>) = 0 [pid 6277] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6277] memfd_create("syzkaller", 0) = 3 [pid 6277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6275] close(3 [pid 6277] <... mmap resumed>) = 0x7fc0314e0000 [pid 6275] <... close resumed>) = 0 [pid 6275] mkdir("./file0", 0777) = 0 [ 269.835860][ T6274] NILFS (loop0): invalid segment: Checksum error in segment payload [ 269.843945][ T6274] NILFS (loop0): trying rollback from an earlier position [ 269.857032][ T6275] loop4: detected capacity change from 0 to 4096 [ 269.894530][ T6274] NILFS (loop0): recovery complete [pid 6275] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6274] <... mount resumed>) = 0 [pid 6274] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6274] chdir("./file0") = 0 [pid 6274] ioctl(4, LOOP_CLR_FD) = 0 [pid 6277] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6274] close(4) = 0 [pid 6274] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6274] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6274] ftruncate(5, 33587195) = 0 [ 269.934844][ T6278] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 269.995639][ T6275] NILFS (loop4): invalid segment: Checksum error in segment payload [ 270.003735][ T6275] NILFS (loop4): trying rollback from an earlier position [pid 6274] sendfile(4, 5, NULL, 281474978811909 [pid 6277] <... write resumed>) = 2097152 [pid 6277] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6277] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 270.072110][ T6275] NILFS (loop4): recovery complete [pid 6277] ioctl(4, LOOP_SET_FD, 3 [pid 6275] <... mount resumed>) = 0 [pid 6275] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6275] chdir("./file0") = 0 [pid 6275] ioctl(4, LOOP_CLR_FD) = 0 [pid 6275] close(4) = 0 [pid 6275] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6275] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6275] ftruncate(5, 33587195) = 0 [pid 6275] sendfile(4, 5, NULL, 281474978811909 [pid 6277] <... ioctl resumed>) = 0 [pid 6277] close(3) = 0 [pid 6277] mkdir("./file0", 0777) = 0 [ 270.097322][ T6279] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 270.108886][ T6277] loop5: detected capacity change from 0 to 4096 [ 270.177560][ T6277] NILFS (loop5): invalid segment: Checksum error in segment payload [ 270.214795][ T6277] NILFS (loop5): trying rollback from an earlier position [ 270.306496][ T6277] NILFS (loop5): recovery complete [pid 6277] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0 [pid 6270] <... sendfile resumed>) = 1048576 [pid 6269] <... sendfile resumed>) = 1048576 [pid 6277] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6270] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6269] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6277] <... openat resumed>) = 3 [pid 6270] <... open resumed>) = -1 EFAULT (Bad address) [pid 6269] <... open resumed>) = -1 EFAULT (Bad address) [pid 6277] chdir("./file0" [pid 6270] exit_group(0 [pid 6269] exit_group(0 [pid 6277] <... chdir resumed>) = 0 [pid 6270] <... exit_group resumed>) = ? [pid 6269] <... exit_group resumed>) = ? [pid 6277] ioctl(4, LOOP_CLR_FD [pid 6270] +++ exited with 0 +++ [pid 6269] +++ exited with 0 +++ [pid 6277] <... ioctl resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6270, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6277] close(4 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6269, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6277] <... close resumed>) = 0 [pid 5067] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6277] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6277] <... open resumed>) = 4 [pid 5067] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6277] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... openat resumed>) = 3 [pid 5065] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6277] <... open resumed>) = 5 [pid 5067] fstat(3, [pid 5065] <... openat resumed>) = 3 [pid 6277] ftruncate(5, 33587195 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] fstat(3, [pid 6277] <... ftruncate resumed>) = 0 [pid 5067] getdents64(3, [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 270.334543][ T6280] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6277] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] getdents64(3, [pid 5067] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] lstat("./99/binderfs", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] lstat("./97/binderfs", [pid 5067] unlink("./99/binderfs" [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5065] unlink("./97/binderfs" [pid 5067] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... unlink resumed>) = 0 [pid 5065] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = 0 [pid 5067] lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./99/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./99") = 0 [pid 5067] mkdir("./100", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6281 ./strace-static-x86_64: Process 6281 attached [pid 6281] chdir("./100") = 0 [pid 6281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6281] setpgid(0, 0) = 0 [pid 6281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6281] write(3, "1000", 4) = 4 [pid 6281] close(3) = 0 [pid 6281] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6281] memfd_create("syzkaller", 0 [pid 5065] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6281] <... memfd_create resumed>) = 3 [pid 6281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./97/file0") = 0 [pid 6281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./97") = 0 [pid 5065] mkdir("./98", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6282 ./strace-static-x86_64: Process 6282 attached [pid 6282] chdir("./98" [pid 6281] <... write resumed>) = 2097152 [pid 6281] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6281] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6281] ioctl(4, LOOP_SET_FD, 3 [pid 6282] <... chdir resumed>) = 0 [pid 6282] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6282] setpgid(0, 0 [pid 6281] <... ioctl resumed>) = 0 [pid 6281] close(3) = 0 [pid 6282] <... setpgid resumed>) = 0 [pid 6282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6281] mkdir("./file0", 0777 [pid 6282] <... openat resumed>) = 3 [pid 6282] write(3, "1000", 4) = 4 [pid 6282] close(3) = 0 [pid 6282] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6281] <... mkdir resumed>) = 0 [pid 6282] memfd_create("syzkaller", 0 [pid 6281] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6282] <... memfd_create resumed>) = 3 [pid 6282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6272] <... sendfile resumed>) = 1048576 [pid 6272] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6272] exit_group(0) = ? [pid 6272] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6272, si_uid=0, si_status=0, si_utime=0, si_stime=32 /* 0.32 s */} --- [pid 5066] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 270.878595][ T6281] loop3: detected capacity change from 0 to 4096 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./98/binderfs") = 0 [ 270.939890][ T6281] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5066] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 270.980625][ T6281] NILFS (loop3): trying rollback from an earlier position [pid 6282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6274] <... sendfile resumed>) = 1048576 [pid 6274] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6274] exit_group(0) = ? [pid 6274] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6274, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5064] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6282] <... write resumed>) = 2097152 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 271.049594][ T6281] NILFS (loop3): recovery complete [pid 5064] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./98/binderfs") = 0 [pid 5064] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6281] <... mount resumed>) = 0 [pid 6281] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6282] munmap(0x7fc0314e0000, 2097152 [pid 6281] chdir("./file0" [pid 6282] <... munmap resumed>) = 0 [pid 6281] <... chdir resumed>) = 0 [pid 6282] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6281] ioctl(4, LOOP_CLR_FD) = 0 [pid 6281] close(4 [pid 6282] <... openat resumed>) = 4 [pid 6281] <... close resumed>) = 0 [pid 6282] ioctl(4, LOOP_SET_FD, 3 [pid 6281] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... umount2 resumed>) = 0 [ 271.087798][ T6283] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6282] <... ioctl resumed>) = 0 [pid 6281] <... open resumed>) = 4 [pid 6282] close(3 [pid 6281] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6282] <... close resumed>) = 0 [pid 6281] <... open resumed>) = 5 [pid 6282] mkdir("./file0", 0777 [pid 6281] ftruncate(5, 33587195) = 0 [pid 6281] sendfile(4, 5, NULL, 281474978811909 [pid 6282] <... mkdir resumed>) = 0 [pid 6282] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 271.146883][ T6282] loop1: detected capacity change from 0 to 4096 [pid 5066] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6275] <... sendfile resumed>) = 1048576 [pid 5066] getdents64(4, [pid 6275] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6275] exit_group(0) = ? [pid 6275] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6275, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5068] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 271.208223][ T6282] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5066] close(4 [pid 5068] <... openat resumed>) = 3 [pid 5068] fstat(3, [pid 5066] <... close resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] rmdir("./98/file0" [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5068] lstat("./99/binderfs", [pid 5066] getdents64(3, [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./99/binderfs") = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] close(3) = 0 [pid 5066] rmdir("./98") = 0 [pid 5066] mkdir("./99", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6284 [ 271.259427][ T6282] NILFS (loop1): trying rollback from an earlier position ./strace-static-x86_64: Process 6284 attached [pid 6284] chdir("./99") = 0 [pid 6284] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6284] setpgid(0, 0) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 6284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6284] write(3, "1000", 4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6284] <... write resumed>) = 4 [pid 6284] close(3) = 0 [pid 5064] lstat("./98/file0", [pid 6284] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6284] memfd_create("syzkaller", 0) = 3 [pid 5064] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6277] <... sendfile resumed>) = 1048576 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 271.364736][ T6282] NILFS (loop1): recovery complete [pid 6277] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5064] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6277] exit_group(0) = ? [pid 6277] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6277, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5069] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./100/binderfs", [pid 5064] <... openat resumed>) = 4 [pid 6282] <... mount resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] unlink("./100/binderfs" [pid 5064] fstat(4, [pid 6282] <... openat resumed>) = 3 [pid 5069] <... unlink resumed>) = 0 [pid 6282] chdir("./file0" [pid 5069] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6282] <... chdir resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6282] ioctl(4, LOOP_CLR_FD [pid 5064] getdents64(4, [pid 6282] <... ioctl resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6282] close(4 [pid 5064] getdents64(4, [pid 6282] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./98/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6282] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] close(3) = 0 [pid 5064] rmdir("./98" [pid 6282] <... open resumed>) = 4 [pid 5064] <... rmdir resumed>) = 0 [pid 6282] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] mkdir("./99", 0777 [pid 6282] <... open resumed>) = 5 [ 271.390927][ T6285] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] <... mkdir resumed>) = 0 [pid 6282] ftruncate(5, 33587195 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6282] <... ftruncate resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6282] sendfile(4, 5, NULL, 281474978811909 [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6286 ./strace-static-x86_64: Process 6286 attached [pid 6286] chdir("./99") = 0 [pid 6286] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6286] setpgid(0, 0) = 0 [pid 6286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6286] write(3, "1000", 4) = 4 [pid 6286] close(3) = 0 [pid 6286] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6286] memfd_create("syzkaller", 0) = 3 [pid 6286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6284] <... write resumed>) = 2097152 [pid 6284] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6284] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6284] ioctl(4, LOOP_SET_FD, 3 [pid 6286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6284] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6284] close(3 [pid 5068] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6284] <... close resumed>) = 0 [pid 6284] mkdir("./file0", 0777 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6284] <... mkdir resumed>) = 0 [pid 5068] lstat("./99/file0", [pid 6284] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 271.551515][ T6284] loop2: detected capacity change from 0 to 4096 [pid 5068] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, [pid 5069] <... umount2 resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6286] <... write resumed>) = 2097152 [pid 5069] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, [pid 6286] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6286] <... munmap resumed>) = 0 [pid 5069] lstat("./100/file0", [pid 5068] close(4 [pid 6286] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... close resumed>) = 0 [pid 6286] <... openat resumed>) = 4 [pid 5069] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6286] ioctl(4, LOOP_SET_FD, 3 [pid 5068] rmdir("./99/file0" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... rmdir resumed>) = 0 [ 271.623852][ T6284] NILFS (loop2): invalid segment: Checksum error in segment payload [ 271.652022][ T6284] NILFS (loop2): trying rollback from an earlier position [pid 5069] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] getdents64(3, [pid 6286] <... ioctl resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6286] close(3 [pid 5069] fstat(4, [pid 5068] close(3 [pid 6286] <... close resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... close resumed>) = 0 [pid 6286] mkdir("./file0", 0777 [pid 6284] <... mount resumed>) = 0 [pid 6284] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6284] chdir("./file0") = 0 [pid 5069] getdents64(4, [pid 5068] rmdir("./99" [pid 6286] <... mkdir resumed>) = 0 [pid 6284] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] <... rmdir resumed>) = 0 [pid 6284] close(4 [pid 6286] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6284] <... close resumed>) = 0 [pid 5069] getdents64(4, [pid 5068] mkdir("./100", 0777 [pid 6284] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5069] close(4 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5069] rmdir("./100/file0" [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6284] <... open resumed>) = 4 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6284] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] getdents64(3, [pid 5068] close(3 [pid 6284] <... open resumed>) = 5 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] <... close resumed>) = 0 [pid 6284] ftruncate(5, 33587195 [pid 5069] close(3 [ 271.672383][ T6284] NILFS (loop2): recovery complete [ 271.679235][ T6286] loop0: detected capacity change from 0 to 4096 [ 271.701001][ T6287] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6284] <... ftruncate resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 6284] sendfile(4, 5, NULL, 281474978811909 [pid 5069] rmdir("./100" [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6288 [pid 5069] <... rmdir resumed>) = 0 [pid 5069] mkdir("./101", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6289 ./strace-static-x86_64: Process 6288 attached [pid 6288] chdir("./100") = 0 [pid 6288] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6288] setpgid(0, 0) = 0 [pid 6288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6288] write(3, "1000", 4) = 4 [pid 6288] close(3) = 0 [pid 6288] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6288] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 6289 attached [pid 6288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 271.769507][ T6286] NILFS (loop0): invalid segment: Checksum error in segment payload [ 271.809418][ T6286] NILFS (loop0): trying rollback from an earlier position [pid 6289] chdir("./101") = 0 [pid 6289] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6289] setpgid(0, 0) = 0 [pid 6289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6289] write(3, "1000", 4) = 4 [pid 6289] close(3) = 0 [ 271.824092][ T6286] NILFS (loop0): recovery complete [pid 6288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6289] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6289] memfd_create("syzkaller", 0) = 3 [pid 6289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6286] <... mount resumed>) = 0 [pid 6286] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6286] chdir("./file0") = 0 [pid 6286] ioctl(4, LOOP_CLR_FD) = 0 [pid 6286] close(4) = 0 [pid 6286] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6286] <... open resumed>) = 4 [pid 6286] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6286] ftruncate(5, 33587195) = 0 [ 271.896890][ T6290] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6286] sendfile(4, 5, NULL, 281474978811909 [pid 6288] <... write resumed>) = 2097152 [pid 6288] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6288] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6289] <... write resumed>) = 2097152 [pid 6288] <... openat resumed>) = 4 [pid 6289] munmap(0x7fc0314e0000, 2097152 [pid 6288] ioctl(4, LOOP_SET_FD, 3 [pid 6289] <... munmap resumed>) = 0 [pid 6289] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6289] ioctl(4, LOOP_SET_FD, 3 [pid 6288] <... ioctl resumed>) = 0 [pid 6288] close(3) = 0 [pid 6288] mkdir("./file0", 0777) = 0 [pid 6288] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6289] <... ioctl resumed>) = 0 [pid 6289] close(3) = 0 [pid 6289] mkdir("./file0", 0777) = 0 [ 272.031684][ T6288] loop4: detected capacity change from 0 to 4096 [ 272.049582][ T6289] loop5: detected capacity change from 0 to 4096 [ 272.110966][ T6288] NILFS (loop4): invalid segment: Checksum error in segment payload [ 272.121298][ T6288] NILFS (loop4): trying rollback from an earlier position [ 272.152053][ T6289] NILFS (loop5): invalid segment: Checksum error in segment payload [ 272.164520][ T6289] NILFS (loop5): trying rollback from an earlier position [ 272.195879][ T6288] NILFS (loop4): recovery complete [pid 6289] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6288] <... mount resumed>) = 0 [pid 6288] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6288] chdir("./file0" [pid 6281] <... sendfile resumed>) = 1048576 [pid 6288] <... chdir resumed>) = 0 [pid 6281] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6288] ioctl(4, LOOP_CLR_FD [pid 6281] <... open resumed>) = -1 EFAULT (Bad address) [pid 6288] <... ioctl resumed>) = 0 [pid 6281] exit_group(0 [pid 6288] close(4 [pid 6281] <... exit_group resumed>) = ? [pid 6288] <... close resumed>) = 0 [pid 6281] +++ exited with 0 +++ [pid 6288] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6281, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6288] <... open resumed>) = 4 [pid 6288] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5067] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6288] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6288] <... ftruncate resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6288] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... openat resumed>) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 272.219038][ T6291] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 272.248824][ T6289] NILFS (loop5): recovery complete [pid 5067] lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./100/binderfs" [pid 6289] <... mount resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 6289] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6289] <... openat resumed>) = 3 [pid 6289] chdir("./file0") = 0 [pid 6289] ioctl(4, LOOP_CLR_FD) = 0 [pid 6289] close(4) = 0 [pid 6289] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6289] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6289] ftruncate(5, 33587195) = 0 [ 272.311794][ T6292] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6289] sendfile(4, 5, NULL, 281474978811909 [pid 6282] <... sendfile resumed>) = 1048576 [pid 6282] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6282] exit_group(0) = ? [pid 6282] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6282, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./98/binderfs") = 0 [pid 5065] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./100/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./100") = 0 [pid 5067] mkdir("./101", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6284] <... sendfile resumed>) = 1048576 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 6284] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6284] <... open resumed>) = -1 EFAULT (Bad address) [pid 6284] exit_group(0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6293 [pid 6284] <... exit_group resumed>) = ? [pid 6284] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6284, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6293 attached ) = -1 EINVAL (Invalid argument) [pid 6293] chdir("./101" [pid 5066] lstat("./99/binderfs", [pid 6293] <... chdir resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6293] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] unlink("./99/binderfs" [pid 6293] <... prctl resumed>) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 6293] setpgid(0, 0 [pid 5066] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6293] <... setpgid resumed>) = 0 [pid 6293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6293] write(3, "1000", 4) = 4 [pid 6293] close(3) = 0 [pid 6293] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6293] memfd_create("syzkaller", 0) = 3 [pid 6293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] <... umount2 resumed>) = 0 [pid 6293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./98/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./98") = 0 [pid 5065] mkdir("./99", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6293] <... write resumed>) = 2097152 [pid 5065] close(3 [pid 6293] munmap(0x7fc0314e0000, 2097152 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6293] <... munmap resumed>) = 0 [pid 6293] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6294 [pid 6293] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6294 attached [pid 6294] chdir("./99" [pid 6293] <... ioctl resumed>) = 0 [pid 5066] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6294] <... chdir resumed>) = 0 [pid 6293] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6294] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] lstat("./99/file0", [pid 6294] <... prctl resumed>) = 0 [pid 6294] setpgid(0, 0 [pid 6293] <... close resumed>) = 0 [pid 6286] <... sendfile resumed>) = 1048576 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6294] <... setpgid resumed>) = 0 [pid 6293] mkdir("./file0", 0777 [pid 6286] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6293] <... mkdir resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6294] <... openat resumed>) = 3 [pid 6293] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6286] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6294] write(3, "1000", 4 [pid 5066] <... openat resumed>) = 4 [pid 6294] <... write resumed>) = 4 [pid 5066] fstat(4, [pid 6294] close(3 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6294] <... close resumed>) = 0 [pid 6286] exit_group(0 [pid 5066] getdents64(4, [pid 6294] symlink("/dev/binderfs", "./binderfs" [pid 6286] <... exit_group resumed>) = ? [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6294] <... symlink resumed>) = 0 [pid 5066] getdents64(4, [pid 6294] memfd_create("syzkaller", 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6294] <... memfd_create resumed>) = 3 [pid 6286] +++ exited with 0 +++ [pid 5066] close(4 [pid 6294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 272.961104][ T6293] loop3: detected capacity change from 0 to 4096 [pid 5066] <... close resumed>) = 0 [pid 6294] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] rmdir("./99/file0" [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6286, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./99" [pid 6294] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] mkdir("./100", 0777) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5064] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] <... openat resumed>) = 3 [pid 5066] close(3 [pid 5064] fstat(3, [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 273.020809][ T6293] NILFS (loop3): invalid segment: Checksum error in segment payload [ 273.030524][ T6293] NILFS (loop3): trying rollback from an earlier position [pid 5064] getdents64(3, ./strace-static-x86_64: Process 6295 attached [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6295 [pid 6295] chdir("./100" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6295] <... chdir resumed>) = 0 [pid 5064] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6295] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6295] <... prctl resumed>) = 0 [pid 5064] lstat("./99/binderfs", [pid 6295] setpgid(0, 0) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] unlink("./99/binderfs" [pid 6295] <... openat resumed>) = 3 [pid 6295] write(3, "1000", 4 [pid 5064] <... unlink resumed>) = 0 [pid 6295] <... write resumed>) = 4 [pid 5064] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6295] close(3 [pid 6293] <... mount resumed>) = 0 [ 273.094966][ T6293] NILFS (loop3): recovery complete [pid 6295] <... close resumed>) = 0 [pid 6293] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6295] symlink("/dev/binderfs", "./binderfs" [pid 6293] <... openat resumed>) = 3 [pid 6295] <... symlink resumed>) = 0 [pid 6293] chdir("./file0" [pid 6295] memfd_create("syzkaller", 0 [pid 6293] <... chdir resumed>) = 0 [pid 6293] ioctl(4, LOOP_CLR_FD [pid 6295] <... memfd_create resumed>) = 3 [pid 6295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6293] <... ioctl resumed>) = 0 [pid 6293] close(4 [pid 6295] <... mmap resumed>) = 0x7fc0314e0000 [pid 6293] <... close resumed>) = 0 [pid 6295] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6293] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6293] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6293] ftruncate(5, 33587195) = 0 [ 273.122940][ T6296] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6293] sendfile(4, 5, NULL, 281474978811909 [pid 6294] <... write resumed>) = 2097152 [pid 6294] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6294] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6294] ioctl(4, LOOP_SET_FD, 3 [pid 6295] <... write resumed>) = 2097152 [pid 6294] <... ioctl resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 6295] munmap(0x7fc0314e0000, 2097152 [pid 6294] close(3 [pid 6295] <... munmap resumed>) = 0 [pid 6294] <... close resumed>) = 0 [pid 5064] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6295] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6294] mkdir("./file0", 0777 [pid 6295] <... openat resumed>) = 4 [pid 6294] <... mkdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6295] ioctl(4, LOOP_SET_FD, 3 [ 273.269850][ T6294] loop1: detected capacity change from 0 to 4096 [pid 6294] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] lstat("./99/file0", [pid 6288] <... sendfile resumed>) = 1048576 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6295] <... ioctl resumed>) = 0 [pid 6288] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6295] close(3 [pid 6288] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6295] <... close resumed>) = 0 [pid 6288] exit_group(0 [pid 5064] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6295] mkdir("./file0", 0777 [pid 6288] <... exit_group resumed>) = ? [pid 5064] <... openat resumed>) = 4 [pid 6295] <... mkdir resumed>) = 0 [pid 6288] +++ exited with 0 +++ [pid 5064] fstat(4, [pid 6295] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6288, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] getdents64(4, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] close(4 [pid 5068] <... openat resumed>) = 3 [pid 5064] <... close resumed>) = 0 [pid 5068] fstat(3, [pid 5064] rmdir("./99/file0" [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5064] getdents64(3, [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... close resumed>) = 0 [pid 5068] lstat("./100/binderfs", [pid 5064] rmdir("./99" [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... rmdir resumed>) = 0 [ 273.320109][ T6295] loop2: detected capacity change from 0 to 4096 [ 273.334826][ T6294] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5068] unlink("./100/binderfs" [pid 5064] mkdir("./100", 0777 [pid 6289] <... sendfile resumed>) = 1048576 [pid 5068] <... unlink resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5068] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 6289] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... close resumed>) = 0 [pid 6289] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6297 [pid 6289] exit_group(0) = ? ./strace-static-x86_64: Process 6297 attached [pid 6297] chdir("./100" [pid 6289] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6289, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6297] <... chdir resumed>) = 0 [pid 6297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6297] setpgid(0, 0) = 0 [pid 6297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6297] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6297] write(3, "1000", 4 [pid 5069] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6297] <... write resumed>) = 4 [pid 6297] close(3 [pid 5069] <... openat resumed>) = 3 [pid 6297] <... close resumed>) = 0 [pid 5069] fstat(3, [pid 6297] symlink("/dev/binderfs", "./binderfs" [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6297] <... symlink resumed>) = 0 [pid 5069] getdents64(3, [pid 6297] memfd_create("syzkaller", 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6297] <... memfd_create resumed>) = 3 [pid 5069] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6297] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./101/binderfs") = 0 [ 273.373258][ T6295] NILFS (loop2): invalid segment: Checksum error in segment payload [ 273.378780][ T6294] NILFS (loop1): trying rollback from an earlier position [ 273.400370][ T6295] NILFS (loop2): trying rollback from an earlier position [ 273.416580][ T6294] NILFS (loop1): recovery complete [pid 5069] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6294] <... mount resumed>) = 0 [pid 6294] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6294] chdir("./file0") = 0 [pid 6294] ioctl(4, LOOP_CLR_FD) = 0 [pid 6294] close(4) = 0 [pid 6294] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6294] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6294] ftruncate(5, 33587195) = 0 [pid 6297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 273.473673][ T6295] NILFS (loop2): recovery complete [ 273.479967][ T6298] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6294] sendfile(4, 5, NULL, 281474978811909 [pid 6295] <... mount resumed>) = 0 [pid 6295] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6295] chdir("./file0") = 0 [pid 6295] ioctl(4, LOOP_CLR_FD) = 0 [pid 6295] close(4) = 0 [pid 6295] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6295] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6295] ftruncate(5, 33587195) = 0 [pid 6295] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... umount2 resumed>) = 0 [ 273.531077][ T6299] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6297] <... write resumed>) = 2097152 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./100/file0") = 0 [pid 5068] getdents64(3, [pid 6297] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6297] <... munmap resumed>) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./100") = 0 [pid 6297] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] mkdir("./101", 0777 [pid 6297] <... openat resumed>) = 4 [pid 5068] <... mkdir resumed>) = 0 [pid 6297] ioctl(4, LOOP_SET_FD, 3 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5069] lstat("./101/file0", [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6300 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6300 attached [pid 5069] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6300] chdir("./101" [pid 5069] <... openat resumed>) = 4 [pid 6300] <... chdir resumed>) = 0 [pid 5069] fstat(4, [pid 6300] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6300] <... prctl resumed>) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 6297] <... ioctl resumed>) = 0 [pid 6297] close(3) = 0 [pid 6300] setpgid(0, 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6300] <... setpgid resumed>) = 0 [pid 6297] mkdir("./file0", 0777 [pid 5069] close(4 [pid 6300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6297] <... mkdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 6300] <... openat resumed>) = 3 [pid 6297] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] rmdir("./101/file0" [ 273.643610][ T6297] loop0: detected capacity change from 0 to 4096 [pid 6300] write(3, "1000", 4) = 4 [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6300] close(3 [pid 5069] close(3 [pid 6300] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 6300] symlink("/dev/binderfs", "./binderfs" [pid 5069] rmdir("./101") = 0 [pid 6300] <... symlink resumed>) = 0 [pid 5069] mkdir("./102", 0777) = 0 [pid 6300] memfd_create("syzkaller", 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6300] <... memfd_create resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 6300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6300] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 6300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6301 attached [pid 6301] chdir("./102") = 0 [pid 6301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6301] setpgid(0, 0) = 0 [pid 6301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6301] write(3, "1000", 4) = 4 [pid 6301] close(3) = 0 [pid 6301] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6301] memfd_create("syzkaller", 0) = 3 [pid 6301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6301 [ 273.749669][ T6297] NILFS (loop0): invalid segment: Checksum error in segment payload [ 273.777007][ T6297] NILFS (loop0): trying rollback from an earlier position [pid 6301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6301] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6301] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6301] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6301] close(3) = 0 [pid 6301] mkdir("./file0", 0777 [pid 6300] <... write resumed>) = 2097152 [pid 6300] munmap(0x7fc0314e0000, 2097152 [pid 6297] <... mount resumed>) = 0 [pid 6297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6300] <... munmap resumed>) = 0 [pid 6297] <... openat resumed>) = 3 [pid 6300] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6297] chdir("./file0") = 0 [pid 6300] ioctl(4, LOOP_SET_FD, 3 [pid 6297] ioctl(4, LOOP_CLR_FD [pid 6301] <... mkdir resumed>) = 0 [ 273.904604][ T6297] NILFS (loop0): recovery complete [ 273.906383][ T6301] loop5: detected capacity change from 0 to 4096 [ 273.926332][ T6302] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6301] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6300] <... ioctl resumed>) = 0 [pid 6297] <... ioctl resumed>) = 0 [pid 6300] close(3 [pid 6297] close(4) = 0 [pid 6300] <... close resumed>) = 0 [pid 6297] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6300] mkdir("./file0", 0777) = 0 [pid 6297] <... open resumed>) = 4 [pid 6300] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 273.952781][ T6300] loop4: detected capacity change from 0 to 4096 [pid 6297] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6297] ftruncate(5, 33587195) = 0 [ 273.992941][ T6301] NILFS (loop5): invalid segment: Checksum error in segment payload [ 274.009717][ T6300] NILFS (loop4): invalid segment: Checksum error in segment payload [ 274.019361][ T6300] NILFS (loop4): trying rollback from an earlier position [ 274.056090][ T6301] NILFS (loop5): trying rollback from an earlier position [pid 6297] sendfile(4, 5, NULL, 281474978811909 [pid 6301] <... mount resumed>) = 0 [pid 6301] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6301] chdir("./file0") = 0 [pid 6301] ioctl(4, LOOP_CLR_FD) = 0 [pid 6301] close(4) = 0 [pid 6301] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6301] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6301] ftruncate(5, 33587195) = 0 [ 274.117556][ T6301] NILFS (loop5): recovery complete [ 274.136682][ T6303] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 274.155007][ T6300] NILFS (loop4): recovery complete [pid 6301] sendfile(4, 5, NULL, 281474978811909 [pid 6300] <... mount resumed>) = 0 [pid 6300] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6300] chdir("./file0") = 0 [pid 6300] ioctl(4, LOOP_CLR_FD) = 0 [pid 6300] close(4) = 0 [pid 6300] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6300] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6300] ftruncate(5, 33587195) = 0 [pid 6300] sendfile(4, 5, NULL, 281474978811909 [pid 6293] <... sendfile resumed>) = 1048576 [pid 6293] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 274.223370][ T6304] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6293] exit_group(0) = ? [pid 6293] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6293, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./101/binderfs") = 0 [pid 5067] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5067] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./101/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./101") = 0 [pid 5067] mkdir("./102", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6305 ./strace-static-x86_64: Process 6305 attached [pid 6305] chdir("./102") = 0 [pid 6305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6305] setpgid(0, 0) = 0 [pid 6305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6305] write(3, "1000", 4) = 4 [pid 6294] <... sendfile resumed>) = 1048576 [pid 6305] close(3 [pid 6294] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6305] <... close resumed>) = 0 [pid 6294] <... open resumed>) = -1 EFAULT (Bad address) [pid 6305] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6294] exit_group(0 [pid 6305] memfd_create("syzkaller", 0 [pid 6294] <... exit_group resumed>) = ? [pid 6305] <... memfd_create resumed>) = 3 [pid 6294] +++ exited with 0 +++ [pid 6305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6294, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6305] <... mmap resumed>) = 0x7fc0314e0000 [pid 5065] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./99/binderfs") = 0 [pid 5065] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6295] <... sendfile resumed>) = 1048576 [pid 6295] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6295] exit_group(0) = ? [pid 6295] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6295, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, [pid 6305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./100/binderfs") = 0 [pid 5066] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6305] <... write resumed>) = 2097152 [pid 6305] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6305] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6305] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 6305] close(3) = 0 [pid 6305] mkdir("./file0", 0777) = 0 [pid 6305] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [ 274.911623][ T6305] loop3: detected capacity change from 0 to 4096 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./99/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./99") = 0 [pid 5065] mkdir("./100", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3 [pid 5066] <... umount2 resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6306 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 274.981667][ T6305] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5066] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6306 attached [pid 6297] <... sendfile resumed>) = 1048576 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6306] chdir("./100" [pid 6297] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6306] <... chdir resumed>) = 0 [pid 6297] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... openat resumed>) = 4 [pid 6306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6297] exit_group(0 [pid 5066] fstat(4, [pid 6306] <... prctl resumed>) = 0 [pid 6297] <... exit_group resumed>) = ? [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6306] setpgid(0, 0 [pid 6297] +++ exited with 0 +++ [pid 6306] <... setpgid resumed>) = 0 [pid 5066] getdents64(4, [pid 6306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6297, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 6306] <... openat resumed>) = 3 [pid 5066] getdents64(4, [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6306] write(3, "1000", 4 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... restart_syscall resumed>) = 0 [pid 6306] <... write resumed>) = 4 [pid 5066] close(4 [pid 6306] close(3 [pid 5066] <... close resumed>) = 0 [pid 6306] <... close resumed>) = 0 [pid 5066] rmdir("./100/file0" [pid 5064] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6306] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6306] <... symlink resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6306] memfd_create("syzkaller", 0 [pid 5066] getdents64(3, [pid 5064] <... openat resumed>) = 3 [pid 6306] <... memfd_create resumed>) = 3 [ 275.048108][ T6305] NILFS (loop3): trying rollback from an earlier position [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] fstat(3, [pid 6306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] close(3 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6306] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... close resumed>) = 0 [pid 5064] getdents64(3, [pid 5066] rmdir("./100") = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] mkdir("./101", 0777) = 0 [pid 5064] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5064] lstat("./100/binderfs", [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6308 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 275.109554][ T6305] NILFS (loop3): recovery complete [pid 5064] unlink("./100/binderfs"./strace-static-x86_64: Process 6308 attached [pid 6306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... unlink resumed>) = 0 [pid 6305] <... mount resumed>) = 0 [pid 6305] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6305] <... openat resumed>) = 3 [pid 6305] chdir("./file0") = 0 [pid 6305] ioctl(4, LOOP_CLR_FD) = 0 [pid 6305] close(4) = 0 [pid 6305] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6305] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6305] ftruncate(5, 33587195) = 0 [pid 6305] sendfile(4, 5, NULL, 281474978811909 [pid 6308] chdir("./101") = 0 [pid 6308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6308] setpgid(0, 0) = 0 [pid 6308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 275.146658][ T6307] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6308] write(3, "1000", 4) = 4 [pid 6308] close(3) = 0 [pid 6308] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6306] <... write resumed>) = 2097152 [pid 6306] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6306] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6306] ioctl(4, LOOP_SET_FD, 3 [pid 6308] memfd_create("syzkaller", 0) = 3 [pid 6308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6300] <... sendfile resumed>) = 1048576 [pid 6300] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6300] exit_group(0) = ? [pid 6300] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6300, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 6308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6306] <... ioctl resumed>) = 0 [pid 6301] <... sendfile resumed>) = 1048576 [pid 6306] close(3 [pid 6301] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6306] <... close resumed>) = 0 [pid 6301] <... open resumed>) = -1 EFAULT (Bad address) [pid 6306] mkdir("./file0", 0777 [pid 6301] exit_group(0 [pid 5068] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6306] <... mkdir resumed>) = 0 [pid 6301] <... exit_group resumed>) = ? [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6306] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6301] +++ exited with 0 +++ [pid 5068] <... openat resumed>) = 3 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6301, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 275.261637][ T6306] loop1: detected capacity change from 0 to 4096 [pid 5068] lstat("./101/binderfs", [pid 5069] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5068] unlink("./101/binderfs" [pid 5069] fstat(3, [pid 5068] <... unlink resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6308] <... write resumed>) = 2097152 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = 0 [pid 5069] lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./102/binderfs") = 0 [pid 5069] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6308] munmap(0x7fc0314e0000, 2097152 [pid 5064] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6308] <... munmap resumed>) = 0 [pid 5064] fstat(4, [pid 6308] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6308] <... openat resumed>) = 4 [pid 5064] getdents64(4, [pid 6308] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [ 275.350546][ T6306] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./100/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 6308] <... ioctl resumed>) = 0 [pid 5064] rmdir("./100" [pid 6308] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 6308] <... close resumed>) = 0 [pid 5064] mkdir("./101", 0777) = 0 [pid 6308] mkdir("./file0", 0777 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6308] <... mkdir resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 6308] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 275.405294][ T6308] loop2: detected capacity change from 0 to 4096 [ 275.407576][ T6306] NILFS (loop1): trying rollback from an earlier position [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6309 ./strace-static-x86_64: Process 6309 attached [pid 6309] chdir("./101") = 0 [pid 6309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6309] setpgid(0, 0) = 0 [pid 6309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6309] write(3, "1000", 4) = 4 [pid 6309] close(3) = 0 [pid 6309] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6309] memfd_create("syzkaller", 0) = 3 [pid 6309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 275.470519][ T6308] NILFS (loop2): invalid segment: Checksum error in segment payload [ 275.501798][ T6308] NILFS (loop2): trying rollback from an earlier position [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 275.537281][ T6306] NILFS (loop1): recovery complete [pid 6309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] lstat("./102/file0", [pid 5068] <... umount2 resumed>) = 0 [pid 6306] <... mount resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6306] <... openat resumed>) = 3 [pid 6306] chdir("./file0" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6306] <... chdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6306] ioctl(4, LOOP_CLR_FD [pid 5069] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6306] <... ioctl resumed>) = 0 [pid 5069] fstat(4, [pid 5068] lstat("./101/file0", [pid 6306] close(4 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6306] <... close resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6306] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] getdents64(4, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6306] <... open resumed>) = 4 [pid 5069] getdents64(4, [pid 5068] <... openat resumed>) = 4 [pid 6306] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] fstat(4, [pid 6306] <... open resumed>) = 5 [pid 5069] close(4 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6306] ftruncate(5, 33587195 [pid 5069] <... close resumed>) = 0 [pid 5068] getdents64(4, [pid 6306] <... ftruncate resumed>) = 0 [pid 5069] rmdir("./102/file0" [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [ 275.575983][ T6310] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 275.604474][ T6308] NILFS (loop2): recovery complete [pid 6306] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] getdents64(4, [pid 6309] <... write resumed>) = 2097152 [pid 6308] <... mount resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 6308] <... openat resumed>) = 3 [pid 5069] close(3 [pid 5068] <... close resumed>) = 0 [pid 6308] chdir("./file0" [pid 5069] <... close resumed>) = 0 [pid 5068] rmdir("./101/file0" [pid 6308] <... chdir resumed>) = 0 [pid 5069] rmdir("./102" [pid 5068] <... rmdir resumed>) = 0 [pid 6308] ioctl(4, LOOP_CLR_FD [pid 5069] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 6308] <... ioctl resumed>) = 0 [pid 5069] mkdir("./103", 0777 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6308] close(4 [pid 5068] close(3 [pid 6309] munmap(0x7fc0314e0000, 2097152 [pid 6308] <... close resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6308] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] rmdir("./101" [pid 5069] <... openat resumed>) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 6309] <... munmap resumed>) = 0 [pid 6308] <... open resumed>) = 4 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] mkdir("./102", 0777 [pid 6308] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... mkdir resumed>) = 0 [pid 6309] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6308] <... open resumed>) = 5 [pid 5069] close(3 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6309] <... openat resumed>) = 4 [pid 6308] ftruncate(5, 33587195 [pid 5069] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 6309] ioctl(4, LOOP_SET_FD, 3 [pid 6308] <... ftruncate resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [ 275.633887][ T6311] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6309] <... ioctl resumed>) = 0 [pid 6308] sendfile(4, 5, NULL, 281474978811909 [pid 6309] close(3 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6312 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6313 ./strace-static-x86_64: Process 6312 attached [pid 6309] <... close resumed>) = 0 ./strace-static-x86_64: Process 6313 attached [pid 6309] mkdir("./file0", 0777 [pid 6313] chdir("./102") = 0 [pid 6309] <... mkdir resumed>) = 0 [pid 6313] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6312] chdir("./103" [pid 6309] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6313] <... prctl resumed>) = 0 [pid 6312] <... chdir resumed>) = 0 [pid 6313] setpgid(0, 0 [pid 6312] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6313] <... setpgid resumed>) = 0 [pid 6312] <... prctl resumed>) = 0 [pid 6313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6312] setpgid(0, 0 [pid 6313] <... openat resumed>) = 3 [pid 6312] <... setpgid resumed>) = 0 [pid 6313] write(3, "1000", 4) = 4 [pid 6313] close(3) = 0 [ 275.697193][ T6309] loop0: detected capacity change from 0 to 4096 [pid 6313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6313] memfd_create("syzkaller", 0) = 3 [pid 6313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6312] <... openat resumed>) = 3 [pid 6312] write(3, "1000", 4) = 4 [ 275.751853][ T6309] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6312] close(3) = 0 [pid 6312] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6312] memfd_create("syzkaller", 0) = 3 [pid 6312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 275.793640][ T6309] NILFS (loop0): trying rollback from an earlier position [pid 6313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 275.872375][ T6309] NILFS (loop0): recovery complete [pid 6312] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6313] <... write resumed>) = 2097152 [pid 6309] <... mount resumed>) = 0 [pid 6309] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6312] <... write resumed>) = 2097152 [pid 6309] <... openat resumed>) = 3 [pid 6313] munmap(0x7fc0314e0000, 2097152 [pid 6312] munmap(0x7fc0314e0000, 2097152 [pid 6309] chdir("./file0" [pid 6313] <... munmap resumed>) = 0 [pid 6312] <... munmap resumed>) = 0 [pid 6309] <... chdir resumed>) = 0 [pid 6313] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6312] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6309] ioctl(4, LOOP_CLR_FD [pid 6313] <... openat resumed>) = 4 [pid 6312] <... openat resumed>) = 4 [pid 6309] <... ioctl resumed>) = 0 [pid 6313] ioctl(4, LOOP_SET_FD, 3 [pid 6312] ioctl(4, LOOP_SET_FD, 3 [pid 6313] <... ioctl resumed>) = 0 [ 275.926668][ T6314] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6309] close(4) = 0 [pid 6309] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6309] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6309] ftruncate(5, 33587195 [pid 6313] close(3 [pid 6312] <... ioctl resumed>) = 0 [pid 6309] <... ftruncate resumed>) = 0 [pid 6313] <... close resumed>) = 0 [pid 6312] close(3 [ 275.976774][ T6313] loop4: detected capacity change from 0 to 4096 [ 275.983888][ T6312] loop5: detected capacity change from 0 to 4096 [pid 6309] sendfile(4, 5, NULL, 281474978811909 [pid 6313] mkdir("./file0", 0777 [pid 6312] <... close resumed>) = 0 [pid 6313] <... mkdir resumed>) = 0 [pid 6312] mkdir("./file0", 0777 [pid 6313] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6312] <... mkdir resumed>) = 0 [pid 6312] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6305] <... sendfile resumed>) = 1048576 [pid 6305] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6305] exit_group(0) = ? [pid 6305] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6305, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./102/binderfs") = 0 [ 276.092152][ T6312] NILFS (loop5): invalid segment: Checksum error in segment payload [ 276.101315][ T6313] NILFS (loop4): invalid segment: Checksum error in segment payload [ 276.118173][ T6312] NILFS (loop5): trying rollback from an earlier position [ 276.125964][ T6313] NILFS (loop4): trying rollback from an earlier position [ 276.154726][ T6312] NILFS (loop5): recovery complete [ 276.160442][ T6313] NILFS (loop4): recovery complete [ 276.192601][ T6315] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6313] <... mount resumed>) = 0 [pid 6312] <... mount resumed>) = 0 [pid 6313] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6312] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6313] <... openat resumed>) = 3 [pid 6312] <... openat resumed>) = 3 [pid 6313] chdir("./file0" [pid 6312] chdir("./file0" [pid 6313] <... chdir resumed>) = 0 [pid 6312] <... chdir resumed>) = 0 [pid 6313] ioctl(4, LOOP_CLR_FD [pid 6312] ioctl(4, LOOP_CLR_FD [pid 6313] <... ioctl resumed>) = 0 [pid 6312] <... ioctl resumed>) = 0 [pid 6313] close(4 [pid 6312] close(4 [pid 6313] <... close resumed>) = 0 [pid 6312] <... close resumed>) = 0 [pid 6313] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6312] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6313] <... open resumed>) = 4 [pid 6312] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6313] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6312] ftruncate(5, 33587195 [pid 6313] <... open resumed>) = 5 [pid 6313] ftruncate(5, 33587195 [pid 6312] <... ftruncate resumed>) = 0 [pid 6313] <... ftruncate resumed>) = 0 [pid 6312] sendfile(4, 5, NULL, 281474978811909 [ 276.195899][ T6316] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6313] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./102/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./102") = 0 [pid 5067] mkdir("./103", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6317 ./strace-static-x86_64: Process 6317 attached [pid 6317] chdir("./103") = 0 [pid 6317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6317] setpgid(0, 0) = 0 [pid 6317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6317] write(3, "1000", 4) = 4 [pid 6317] close(3) = 0 [pid 6317] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6317] memfd_create("syzkaller", 0) = 3 [pid 6317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6317] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6317] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6317] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6317] close(3) = 0 [pid 6317] mkdir("./file0", 0777) = 0 [pid 6317] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6306] <... sendfile resumed>) = 1048576 [ 276.722825][ T6317] loop3: detected capacity change from 0 to 4096 [pid 6306] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6306] exit_group(0) = ? [pid 6306] +++ exited with 0 +++ [pid 6308] <... sendfile resumed>) = 1048576 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6306, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5065] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6308] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6308] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6308] exit_group(0 [pid 5065] <... openat resumed>) = 3 [pid 6308] <... exit_group resumed>) = ? [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6308] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6308, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./100/binderfs" [pid 5066] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... unlink resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./101/binderfs") = 0 [ 276.814522][ T6317] NILFS (loop3): invalid segment: Checksum error in segment payload [ 276.849686][ T6317] NILFS (loop3): trying rollback from an earlier position [ 276.959851][ T6317] NILFS (loop3): recovery complete [pid 5066] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6317] <... mount resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 6317] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6317] chdir("./file0") = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6317] ioctl(4, LOOP_CLR_FD [pid 5065] lstat("./100/file0", [pid 6317] <... ioctl resumed>) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6317] close(4) = 0 [pid 5065] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6317] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6309] <... sendfile resumed>) = 1048576 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6317] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [ 277.025812][ T6318] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6309] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6317] <... open resumed>) = 5 [pid 6309] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] <... openat resumed>) = 4 [pid 6317] ftruncate(5, 33587195 [pid 6309] exit_group(0 [pid 6317] <... ftruncate resumed>) = 0 [pid 6309] <... exit_group resumed>) = ? [pid 5065] fstat(4, [pid 6317] sendfile(4, 5, NULL, 281474978811909 [pid 6309] +++ exited with 0 +++ [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6309, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5064] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(4, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... openat resumed>) = 3 [pid 5065] getdents64(4, [pid 5064] fstat(3, [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] close(4 [pid 5064] getdents64(3, [pid 5065] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] rmdir("./100/file0" [pid 5064] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5064] lstat("./101/binderfs", [pid 5065] getdents64(3, [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./101/binderfs" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5064] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(3 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, [pid 5065] <... close resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] rmdir("./100" [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./101/file0") = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5065] mkdir("./101", 0777 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./101") = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5066] mkdir("./102", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5065] <... openat resumed>) = 3 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5066] close(3 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6319 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6319 attached [pid 6319] chdir("./102" [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6320 [pid 6319] <... chdir resumed>) = 0 [pid 6319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6319] setpgid(0, 0) = 0 [pid 6319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6319] write(3, "1000", 4) = 4 [pid 6319] close(3) = 0 ./strace-static-x86_64: Process 6320 attached [pid 6319] symlink("/dev/binderfs", "./binderfs" [pid 6320] chdir("./101" [pid 6319] <... symlink resumed>) = 0 [pid 6319] memfd_create("syzkaller", 0) = 3 [pid 6319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6320] <... chdir resumed>) = 0 [pid 6320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6320] setpgid(0, 0) = 0 [pid 6320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6320] write(3, "1000", 4) = 4 [pid 6320] close(3) = 0 [pid 6320] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6320] memfd_create("syzkaller", 0) = 3 [pid 6320] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6313] <... sendfile resumed>) = 1048576 [pid 6313] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6313] exit_group(0 [pid 6312] <... sendfile resumed>) = 1048576 [pid 6313] <... exit_group resumed>) = ? [pid 6320] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6313] +++ exited with 0 +++ [pid 6312] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6313, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6312] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... restart_syscall resumed>) = 0 [pid 6312] exit_group(0) = ? [pid 5068] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6312] +++ exited with 0 +++ [pid 5068] getdents64(3, [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6312, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] lstat("./102/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] unlink("./102/binderfs" [pid 5069] <... openat resumed>) = 3 [pid 5068] <... unlink resumed>) = 0 [pid 5069] fstat(3, [pid 5068] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./103/binderfs") = 0 [pid 5069] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6319] <... write resumed>) = 2097152 [pid 6319] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6319] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6319] ioctl(4, LOOP_SET_FD, 3 [pid 6320] <... write resumed>) = 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 6320] munmap(0x7fc0314e0000, 2097152 [pid 5064] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6320] <... munmap resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6320] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5064] lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6320] <... openat resumed>) = 4 [pid 5064] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6320] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6319] <... ioctl resumed>) = 0 [pid 6319] close(3) = 0 [pid 6319] mkdir("./file0", 0777) = 0 [pid 6320] <... ioctl resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6319] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./101/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./101") = 0 [pid 5064] mkdir("./102", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 277.370503][ T6319] loop2: detected capacity change from 0 to 4096 [ 277.408202][ T6320] loop1: detected capacity change from 0 to 4096 [pid 6320] close(3 [pid 5064] <... openat resumed>) = 3 [pid 6320] <... close resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6320] mkdir("./file0", 0777 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6320] <... mkdir resumed>) = 0 [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6320] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6321 ./strace-static-x86_64: Process 6321 attached [pid 6321] chdir("./102") = 0 [pid 6321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6321] setpgid(0, 0) = 0 [pid 6321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6321] write(3, "1000", 4) = 4 [pid 6321] close(3) = 0 [ 277.434735][ T6319] NILFS (loop2): invalid segment: Checksum error in segment payload [ 277.468665][ T6319] NILFS (loop2): trying rollback from an earlier position [pid 6321] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6321] memfd_create("syzkaller", 0) = 3 [pid 6321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 277.501362][ T6320] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 6321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./103/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./103") = 0 [pid 5069] mkdir("./104", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6322 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6322 attached ) = -1 EINVAL (Invalid argument) [pid 6322] chdir("./104" [pid 5068] lstat("./102/file0", [pid 6322] <... chdir resumed>) = 0 [ 277.553028][ T6319] NILFS (loop2): recovery complete [ 277.573322][ T6320] NILFS (loop1): trying rollback from an earlier position [pid 6322] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6322] <... prctl resumed>) = 0 [pid 6322] setpgid(0, 0 [pid 5068] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6322] <... setpgid resumed>) = 0 [pid 6322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6319] <... mount resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6322] <... openat resumed>) = 3 [pid 6319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6322] write(3, "1000", 4 [pid 6319] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6322] <... write resumed>) = 4 [pid 6319] chdir("./file0" [pid 6322] close(3 [pid 6319] <... chdir resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 6322] <... close resumed>) = 0 [pid 6319] ioctl(4, LOOP_CLR_FD [pid 6322] symlink("/dev/binderfs", "./binderfs" [pid 6319] <... ioctl resumed>) = 0 [pid 5068] fstat(4, [pid 6322] <... symlink resumed>) = 0 [pid 6319] close(4 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6322] memfd_create("syzkaller", 0 [pid 6319] <... close resumed>) = 0 [pid 6322] <... memfd_create resumed>) = 3 [pid 6319] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] getdents64(4, [pid 6319] <... open resumed>) = 4 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6319] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] getdents64(4, [pid 6319] <... open resumed>) = 5 [pid 6319] ftruncate(5, 33587195 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6319] <... ftruncate resumed>) = 0 [pid 5068] close(4 [pid 6319] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./102/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./102") = 0 [pid 5068] mkdir("./103", 0777) = 0 [ 277.606843][ T6323] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 6324 attached [pid 6321] <... write resumed>) = 2097152 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6324 [pid 6324] chdir("./103" [pid 6321] munmap(0x7fc0314e0000, 2097152 [pid 6324] <... chdir resumed>) = 0 [pid 6321] <... munmap resumed>) = 0 [pid 6321] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6324] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6321] <... openat resumed>) = 4 [pid 6324] <... prctl resumed>) = 0 [pid 6321] ioctl(4, LOOP_SET_FD, 3 [ 277.678715][ T6320] NILFS (loop1): recovery complete [pid 6324] setpgid(0, 0) = 0 [pid 6324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6324] write(3, "1000", 4 [pid 6320] <... mount resumed>) = 0 [pid 6324] <... write resumed>) = 4 [pid 6320] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6324] close(3) = 0 [pid 6320] <... openat resumed>) = 3 [pid 6324] symlink("/dev/binderfs", "./binderfs" [pid 6320] chdir("./file0" [pid 6324] <... symlink resumed>) = 0 [pid 6321] <... ioctl resumed>) = 0 [pid 6320] <... chdir resumed>) = 0 [pid 6324] memfd_create("syzkaller", 0 [pid 6321] close(3 [pid 6320] ioctl(4, LOOP_CLR_FD [pid 6321] <... close resumed>) = 0 [pid 6324] <... memfd_create resumed>) = 3 [pid 6320] <... ioctl resumed>) = 0 [pid 6324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6321] mkdir("./file0", 0777 [pid 6320] close(4 [pid 6324] <... mmap resumed>) = 0x7fc0314e0000 [pid 6321] <... mkdir resumed>) = 0 [pid 6320] <... close resumed>) = 0 [pid 6321] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6320] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 277.711105][ T6321] loop0: detected capacity change from 0 to 4096 [ 277.726465][ T6325] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6322] <... write resumed>) = 2097152 [pid 6320] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6322] munmap(0x7fc0314e0000, 2097152 [pid 6320] <... open resumed>) = 5 [pid 6320] ftruncate(5, 33587195) = 0 [pid 6320] sendfile(4, 5, NULL, 281474978811909 [pid 6322] <... munmap resumed>) = 0 [pid 6322] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6322] ioctl(4, LOOP_SET_FD, 3 [ 277.791581][ T6321] NILFS (loop0): invalid segment: Checksum error in segment payload [ 277.818937][ T6322] loop5: detected capacity change from 0 to 4096 [pid 6324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6322] <... ioctl resumed>) = 0 [pid 6322] close(3) = 0 [pid 6322] mkdir("./file0", 0777) = 0 [ 277.847867][ T6321] NILFS (loop0): trying rollback from an earlier position [pid 6322] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6324] <... write resumed>) = 2097152 [pid 6324] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6324] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 277.908285][ T6322] NILFS (loop5): invalid segment: Checksum error in segment payload [ 277.922564][ T6321] NILFS (loop0): recovery complete [pid 6324] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6324] close(3) = 0 [pid 6324] mkdir("./file0", 0777) = 0 [ 277.953173][ T6324] loop4: detected capacity change from 0 to 4096 [ 277.955330][ T6322] NILFS (loop5): trying rollback from an earlier position [pid 6324] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6321] <... mount resumed>) = 0 [pid 6321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6321] chdir("./file0") = 0 [pid 6321] ioctl(4, LOOP_CLR_FD) = 0 [pid 6321] close(4) = 0 [pid 6321] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6321] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6321] ftruncate(5, 33587195) = 0 [ 278.009301][ T6326] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 278.011236][ T6324] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6321] sendfile(4, 5, NULL, 281474978811909 [pid 6322] <... mount resumed>) = 0 [pid 6322] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6317] <... sendfile resumed>) = 1048576 [pid 6322] chdir("./file0" [pid 6317] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6322] <... chdir resumed>) = 0 [pid 6317] <... open resumed>) = -1 EFAULT (Bad address) [pid 6322] ioctl(4, LOOP_CLR_FD [pid 6317] exit_group(0 [pid 6322] <... ioctl resumed>) = 0 [pid 6317] <... exit_group resumed>) = ? [pid 6322] close(4 [pid 6317] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6317, si_uid=0, si_status=0, si_utime=0, si_stime=34 /* 0.34 s */} --- [pid 6322] <... close resumed>) = 0 [pid 6322] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6322] <... open resumed>) = 4 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 278.086813][ T6322] NILFS (loop5): recovery complete [ 278.100616][ T6324] NILFS (loop4): trying rollback from an earlier position [ 278.108619][ T6327] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] lstat("./103/binderfs", [pid 6324] <... mount resumed>) = 0 [pid 6322] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./103/binderfs") = 0 [pid 5067] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6324] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6322] <... open resumed>) = 5 [pid 6324] <... openat resumed>) = 3 [pid 6322] ftruncate(5, 33587195 [pid 6324] chdir("./file0" [pid 6322] <... ftruncate resumed>) = 0 [pid 6324] <... chdir resumed>) = 0 [pid 6322] sendfile(4, 5, NULL, 281474978811909 [pid 6324] ioctl(4, LOOP_CLR_FD) = 0 [ 278.163149][ T6324] NILFS (loop4): recovery complete [ 278.174071][ T6328] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6324] close(4) = 0 [pid 6324] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6324] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6324] ftruncate(5, 33587195) = 0 [pid 6324] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./103/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./103") = 0 [pid 5067] mkdir("./104", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6329 attached [pid 6329] chdir("./104" [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6329 [pid 6329] <... chdir resumed>) = 0 [pid 6329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6329] setpgid(0, 0) = 0 [pid 6329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6329] write(3, "1000", 4) = 4 [pid 6329] close(3) = 0 [pid 6329] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6329] memfd_create("syzkaller", 0) = 3 [pid 6329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6329] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6329] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6329] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6329] close(3) = 0 [pid 6329] mkdir("./file0", 0777) = 0 [ 278.677372][ T6329] loop3: detected capacity change from 0 to 4096 [ 278.785851][ T6329] NILFS (loop3): invalid segment: Checksum error in segment payload [ 278.793925][ T6329] NILFS (loop3): trying rollback from an earlier position [pid 6329] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6319] <... sendfile resumed>) = 1048576 [pid 6319] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6319] exit_group(0) = ? [pid 6320] <... sendfile resumed>) = 1048576 [pid 6319] +++ exited with 0 +++ [pid 6320] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6319, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 6320] exit_group(0 [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 6320] <... exit_group resumed>) = ? [pid 5066] <... restart_syscall resumed>) = 0 [pid 6320] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6320, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 6329] <... mount resumed>) = 0 [pid 5065] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 278.917943][ T6329] NILFS (loop3): recovery complete [pid 5065] fstat(3, [pid 6329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6329] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, [pid 6329] chdir("./file0" [pid 5066] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6329] <... chdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6329] ioctl(4, LOOP_CLR_FD [pid 5066] fstat(3, [pid 6329] <... ioctl resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6329] close(4 [pid 5066] getdents64(3, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6329] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./101/binderfs" [pid 6329] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... unlink resumed>) = 0 [pid 6329] <... open resumed>) = 4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6329] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] lstat("./102/binderfs", [pid 6329] <... open resumed>) = 5 [pid 6329] ftruncate(5, 33587195 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6329] <... ftruncate resumed>) = 0 [ 278.945365][ T6330] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] unlink("./102/binderfs" [pid 6329] sendfile(4, 5, NULL, 281474978811909 [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6321] <... sendfile resumed>) = 1048576 [pid 6321] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6321] exit_group(0) = ? [pid 6321] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6321, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5064] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./102/binderfs") = 0 [pid 5064] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] <... umount2 resumed>) = 0 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./101/file0") = 0 [pid 5066] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./101" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5066] lstat("./102/file0", [pid 5065] mkdir("./102", 0777 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5066] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... openat resumed>) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5066] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6331 ./strace-static-x86_64: Process 6331 attached [pid 5066] <... openat resumed>) = 4 [pid 6331] chdir("./102") = 0 [pid 5066] fstat(4, [pid 6331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6331] setpgid(0, 0) = 0 [pid 5066] getdents64(4, [pid 6331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6331] <... openat resumed>) = 3 [pid 6331] write(3, "1000", 4) = 4 [pid 5066] getdents64(4, [pid 6331] close(3) = 0 [pid 6331] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6331] memfd_create("syzkaller", 0) = 3 [pid 6331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./102/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 6331] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... close resumed>) = 0 [pid 6324] <... sendfile resumed>) = 1048576 [pid 6322] <... sendfile resumed>) = 1048576 [pid 5066] rmdir("./102" [pid 5064] <... umount2 resumed>) = 0 [pid 6324] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6322] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... rmdir resumed>) = 0 [pid 6324] <... open resumed>) = -1 EFAULT (Bad address) [pid 6322] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] mkdir("./103", 0777 [pid 5064] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6324] exit_group(0 [pid 6322] exit_group(0 [pid 5066] <... mkdir resumed>) = 0 [pid 6324] <... exit_group resumed>) = ? [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 3 [pid 6322] <... exit_group resumed>) = ? [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] lstat("./102/file0", [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 6331] <... write resumed>) = 2097152 [pid 6324] +++ exited with 0 +++ [pid 6322] +++ exited with 0 +++ [pid 5066] <... close resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6331] munmap(0x7fc0314e0000, 2097152 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6322, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5064] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6331] <... munmap resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6331] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6324, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5064] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6331] <... openat resumed>) = 4 [pid 5069] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... openat resumed>) = 4 [pid 6331] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6332 [pid 5064] fstat(4, [pid 5069] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5064] getdents64(4, ./strace-static-x86_64: Process 6332 attached [pid 5069] fstat(3, [pid 5068] fstat(3, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6332] chdir("./103" [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, [pid 6332] <... chdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6332] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] close(4 [pid 6332] <... prctl resumed>) = 0 [pid 6331] <... ioctl resumed>) = 0 [pid 5069] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... close resumed>) = 0 [pid 6332] setpgid(0, 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] rmdir("./102/file0" [pid 6332] <... setpgid resumed>) = 0 [pid 5069] lstat("./104/binderfs", [pid 5068] lstat("./103/binderfs", [pid 5064] <... rmdir resumed>) = 0 [pid 6332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6331] close(3 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] getdents64(3, [pid 6332] <... openat resumed>) = 3 [pid 6331] <... close resumed>) = 0 [pid 5069] unlink("./104/binderfs" [pid 5068] unlink("./103/binderfs" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6332] write(3, "1000", 4 [pid 6331] mkdir("./file0", 0777 [pid 5069] <... unlink resumed>) = 0 [pid 5064] close(3 [pid 6332] <... write resumed>) = 4 [pid 6331] <... mkdir resumed>) = 0 [pid 5069] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... unlink resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6332] close(3 [pid 6331] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] rmdir("./102" [pid 6332] <... close resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 6332] symlink("/dev/binderfs", "./binderfs" [pid 5064] mkdir("./103", 0777 [pid 6332] <... symlink resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 6332] memfd_create("syzkaller", 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6332] <... memfd_create resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 6332] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6332] <... mmap resumed>) = 0x7fc0314e0000 [ 279.399354][ T6331] loop1: detected capacity change from 0 to 4096 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6333 [pid 6332] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 6333 attached [pid 6333] chdir("./103") = 0 [pid 6333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6333] setpgid(0, 0) = 0 [pid 6333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... umount2 resumed>) = 0 [pid 6333] <... openat resumed>) = 3 [ 279.485143][ T6331] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5068] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6333] write(3, "1000", 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6333] <... write resumed>) = 4 [pid 6333] close(3 [pid 6332] <... write resumed>) = 2097152 [pid 5068] lstat("./103/file0", [pid 6333] <... close resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6332] munmap(0x7fc0314e0000, 2097152 [pid 6333] symlink("/dev/binderfs", "./binderfs" [pid 5068] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6333] <... symlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6333] memfd_create("syzkaller", 0 [pid 5068] <... openat resumed>) = 4 [pid 6333] <... memfd_create resumed>) = 3 [pid 6333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6333] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./103/file0") = 0 [pid 6332] <... munmap resumed>) = 0 [pid 5068] getdents64(3, [pid 6332] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6332] <... openat resumed>) = 4 [ 279.534995][ T6331] NILFS (loop1): trying rollback from an earlier position [pid 5068] close(3 [pid 6332] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./103") = 0 [pid 5068] mkdir("./104", 0777 [pid 6332] <... ioctl resumed>) = 0 [pid 6332] close(3 [pid 5068] <... mkdir resumed>) = 0 [pid 6332] <... close resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6332] mkdir("./file0", 0777 [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6332] <... mkdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6332] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] close(3 [pid 6331] <... mount resumed>) = 0 [pid 6331] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] <... close resumed>) = 0 [pid 6331] chdir("./file0" [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6331] <... chdir resumed>) = 0 [pid 6331] ioctl(4, LOOP_CLR_FD) = 0 [pid 6331] close(4) = 0 [pid 6331] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6335 ./strace-static-x86_64: Process 6335 attached [pid 6331] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6335] chdir("./104" [pid 6331] <... open resumed>) = 5 [pid 5069] <... umount2 resumed>) = 0 [pid 6331] ftruncate(5, 33587195 [pid 6335] <... chdir resumed>) = 0 [pid 6331] <... ftruncate resumed>) = 0 [pid 6331] sendfile(4, 5, NULL, 281474978811909 [ 279.587247][ T6331] NILFS (loop1): recovery complete [ 279.596943][ T6332] loop2: detected capacity change from 0 to 4096 [ 279.613377][ T6334] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 6335] setpgid(0, 0 [pid 6333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... close resumed>) = 0 [pid 6335] <... setpgid resumed>) = 0 [pid 5069] rmdir("./104/file0" [pid 6335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 6335] <... openat resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 6335] write(3, "1000", 4 [pid 5069] <... close resumed>) = 0 [pid 6335] <... write resumed>) = 4 [pid 5069] rmdir("./104" [pid 6335] close(3 [pid 5069] <... rmdir resumed>) = 0 [pid 6335] <... close resumed>) = 0 [pid 5069] mkdir("./105", 0777 [pid 6335] symlink("/dev/binderfs", "./binderfs" [pid 5069] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6335] <... symlink resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6335] memfd_create("syzkaller", 0 [pid 5069] close(3 [pid 6335] <... memfd_create resumed>) = 3 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6336 [pid 6335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6336 attached ) = 0x7fc0314e0000 [ 279.657681][ T6332] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6336] chdir("./105") = 0 [pid 6336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6336] setpgid(0, 0) = 0 [pid 6336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6336] write(3, "1000", 4) = 4 [pid 6336] close(3) = 0 [pid 6336] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6336] memfd_create("syzkaller", 0) = 3 [pid 6336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 279.702729][ T6332] NILFS (loop2): trying rollback from an earlier position [pid 6335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6333] <... write resumed>) = 2097152 [pid 6333] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6333] ioctl(4, LOOP_SET_FD, 3 [pid 6336] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6333] <... ioctl resumed>) = 0 [pid 6333] close(3) = 0 [pid 6333] mkdir("./file0", 0777 [pid 6335] <... write resumed>) = 2097152 [pid 6333] <... mkdir resumed>) = 0 [pid 6335] munmap(0x7fc0314e0000, 2097152 [pid 6333] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6332] <... mount resumed>) = 0 [pid 6335] <... munmap resumed>) = 0 [pid 6332] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6332] chdir("./file0") = 0 [pid 6332] ioctl(4, LOOP_CLR_FD) = 0 [pid 6332] close(4) = 0 [pid 6332] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6335] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6332] <... open resumed>) = 4 [pid 6332] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6332] ftruncate(5, 33587195) = 0 [ 279.801136][ T6332] NILFS (loop2): recovery complete [ 279.809563][ T6333] loop0: detected capacity change from 0 to 4096 [ 279.836841][ T6337] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6332] sendfile(4, 5, NULL, 281474978811909 [pid 6335] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6335] close(3) = 0 [pid 6335] mkdir("./file0", 0777) = 0 [pid 6335] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6336] <... write resumed>) = 2097152 [pid 6336] munmap(0x7fc0314e0000, 2097152) = 0 [ 279.856018][ T6333] NILFS (loop0): invalid segment: Checksum error in segment payload [ 279.885898][ T6335] loop4: detected capacity change from 0 to 4096 [pid 6336] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 279.948147][ T6333] NILFS (loop0): trying rollback from an earlier position [ 279.950249][ T6336] loop5: detected capacity change from 0 to 4096 [ 279.963865][ T6335] NILFS (loop4): invalid segment: Checksum error in segment payload [ 279.974197][ T6333] NILFS (loop0): recovery complete [ 279.980687][ T6335] NILFS (loop4): trying rollback from an earlier position [pid 6336] ioctl(4, LOOP_SET_FD, 3 [pid 6333] <... mount resumed>) = 0 [pid 6336] <... ioctl resumed>) = 0 [pid 6336] close(3) = 0 [pid 6336] mkdir("./file0", 0777) = 0 [pid 6336] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6329] <... sendfile resumed>) = 1048576 [pid 6329] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6333] <... openat resumed>) = 3 [pid 6329] exit_group(0 [pid 6335] <... mount resumed>) = 0 [pid 6333] chdir("./file0" [pid 6329] <... exit_group resumed>) = ? [pid 6329] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6329, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5067] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, [pid 6333] <... chdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6333] ioctl(4, LOOP_CLR_FD [pid 5067] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6335] <... openat resumed>) = 3 [pid 6333] <... ioctl resumed>) = 0 [pid 5067] lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6335] chdir("./file0" [pid 6333] close(4 [pid 5067] unlink("./104/binderfs" [pid 6335] <... chdir resumed>) = 0 [pid 6333] <... close resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6335] ioctl(4, LOOP_CLR_FD [pid 6333] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6335] <... ioctl resumed>) = 0 [pid 6335] close(4) = 0 [pid 6335] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6333] <... open resumed>) = 4 [pid 6335] <... open resumed>) = 4 [pid 6333] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [ 280.000395][ T6338] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 280.021885][ T6335] NILFS (loop4): recovery complete [ 280.034319][ T6339] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6335] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6333] <... open resumed>) = 5 [pid 6335] ftruncate(5, 33587195 [pid 6333] ftruncate(5, 33587195 [pid 6335] <... ftruncate resumed>) = 0 [pid 6333] <... ftruncate resumed>) = 0 [pid 6335] sendfile(4, 5, NULL, 281474978811909 [ 280.069968][ T6336] NILFS (loop5): invalid segment: Checksum error in segment payload [ 280.102211][ T6336] NILFS (loop5): trying rollback from an earlier position [ 280.235194][ T6336] NILFS (loop5): recovery complete [pid 6333] sendfile(4, 5, NULL, 281474978811909 [pid 6336] <... mount resumed>) = 0 [pid 6336] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5067] <... umount2 resumed>) = 0 [pid 6336] chdir("./file0") = 0 [pid 6336] ioctl(4, LOOP_CLR_FD) = 0 [pid 6336] close(4) = 0 [pid 6336] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6336] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6336] ftruncate(5, 33587195) = 0 [pid 5067] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6336] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 280.273962][ T6340] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./104/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./104") = 0 [pid 5067] mkdir("./105", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6341 ./strace-static-x86_64: Process 6341 attached [pid 6341] chdir("./105") = 0 [pid 6341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6341] setpgid(0, 0) = 0 [pid 6341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6341] write(3, "1000", 4) = 4 [pid 6341] close(3) = 0 [pid 6341] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6341] memfd_create("syzkaller", 0) = 3 [pid 6341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6341] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6341] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6341] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6341] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6341] close(3) = 0 [pid 6341] mkdir("./file0", 0777) = 0 [ 280.668935][ T6341] loop3: detected capacity change from 0 to 4096 [pid 6341] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6331] <... sendfile resumed>) = 1048576 [pid 6331] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6331] exit_group(0) = ? [pid 6331] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6331, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5065] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./102/binderfs") = 0 [ 280.749547][ T6341] NILFS (loop3): invalid segment: Checksum error in segment payload [ 280.776743][ T6341] NILFS (loop3): trying rollback from an earlier position [pid 5065] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6341] <... mount resumed>) = 0 [ 280.846247][ T6341] NILFS (loop3): recovery complete [pid 6341] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6341] chdir("./file0") = 0 [pid 6341] ioctl(4, LOOP_CLR_FD) = 0 [pid 6341] close(4) = 0 [pid 6341] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6341] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 280.867959][ T6342] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6341] ftruncate(5, 33587195) = 0 [pid 6341] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6332] <... sendfile resumed>) = 1048576 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6332] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6332] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] <... openat resumed>) = 4 [pid 6332] exit_group(0 [pid 5065] fstat(4, [pid 6332] <... exit_group resumed>) = ? [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6332] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6332, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, [pid 5066] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] close(4 [pid 5066] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5065] rmdir("./102/file0" [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5065] getdents64(3, [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... close resumed>) = 0 [pid 5066] lstat("./103/binderfs", [pid 5065] rmdir("./102" [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./103/binderfs" [pid 5065] <... rmdir resumed>) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5065] mkdir("./103", 0777 [pid 6333] <... sendfile resumed>) = 1048576 [pid 5066] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6333] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... mkdir resumed>) = 0 [pid 6333] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6333] exit_group(0) = ? [pid 6333] +++ exited with 0 +++ [pid 5065] <... openat resumed>) = 3 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6333, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... restart_syscall resumed>) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6343 [pid 5064] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6343 attached [pid 5064] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6343] chdir("./103" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6343] <... chdir resumed>) = 0 [pid 5064] lstat("./103/binderfs", [pid 6343] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6343] <... prctl resumed>) = 0 [pid 5064] unlink("./103/binderfs" [pid 6343] setpgid(0, 0 [pid 5064] <... unlink resumed>) = 0 [pid 6343] <... setpgid resumed>) = 0 [pid 5064] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6343] write(3, "1000", 4) = 4 [pid 6343] close(3) = 0 [pid 6343] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6343] memfd_create("syzkaller", 0) = 3 [pid 6343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6343] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6335] <... sendfile resumed>) = 1048576 [pid 6335] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6335] exit_group(0) = ? [pid 6335] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6335, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5068] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./104/binderfs") = 0 [pid 5068] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5066] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] lstat("./103/file0", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6343] <... write resumed>) = 2097152 [pid 6336] <... sendfile resumed>) = 1048576 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] lstat("./103/file0", [pid 6343] munmap(0x7fc0314e0000, 2097152 [pid 6336] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6343] <... munmap resumed>) = 0 [pid 6336] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6336] exit_group(0 [pid 5066] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6343] <... openat resumed>) = 4 [pid 6336] <... exit_group resumed>) = ? [pid 5066] <... openat resumed>) = 4 [pid 5064] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6343] ioctl(4, LOOP_SET_FD, 3 [pid 6336] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6336, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5066] fstat(4, [pid 5064] <... openat resumed>) = 4 [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6343] <... ioctl resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] fstat(4, [pid 6343] close(3 [pid 5066] getdents64(4, [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6343] <... close resumed>) = 0 [pid 5069] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 6343] mkdir("./file0", 0777 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(4, [pid 5069] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6343] <... mkdir resumed>) = 0 [pid 5069] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] close(4 [pid 5064] getdents64(4, [pid 6343] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] lstat("./105/binderfs", [pid 5066] rmdir("./103/file0" [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] close(4 [pid 5069] unlink("./105/binderfs" [pid 5066] <... rmdir resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5066] getdents64(3, [pid 5064] <... close resumed>) = 0 [pid 5069] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] rmdir("./103/file0" [pid 5066] close(3) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5066] rmdir("./103" [pid 5064] getdents64(3, [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 5066] mkdir("./104", 0777 [pid 5064] <... close resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5064] rmdir("./103" [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5064] <... rmdir resumed>) = 0 [ 281.416089][ T6343] loop1: detected capacity change from 0 to 4096 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] mkdir("./104", 0777 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 5064] <... mkdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6344 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6345 ./strace-static-x86_64: Process 6344 attached [pid 6344] chdir("./104" [pid 5068] <... umount2 resumed>) = 0 [pid 6344] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6345 attached [pid 6344] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6345] chdir("./104" [pid 6344] <... prctl resumed>) = 0 [pid 5068] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6345] <... chdir resumed>) = 0 [pid 6344] setpgid(0, 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6345] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6344] <... setpgid resumed>) = 0 [pid 5068] lstat("./104/file0", [pid 6345] <... prctl resumed>) = 0 [pid 6344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6345] setpgid(0, 0 [pid 6344] <... openat resumed>) = 3 [pid 5068] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6345] <... setpgid resumed>) = 0 [pid 6344] write(3, "1000", 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6344] <... write resumed>) = 4 [pid 5068] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6345] <... openat resumed>) = 3 [pid 6344] close(3 [pid 5068] <... openat resumed>) = 4 [pid 6345] write(3, "1000", 4 [pid 6344] <... close resumed>) = 0 [pid 5068] fstat(4, [pid 6345] <... write resumed>) = 4 [pid 6344] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6345] close(3 [pid 6344] <... symlink resumed>) = 0 [pid 5068] getdents64(4, [pid 6345] <... close resumed>) = 0 [pid 6344] memfd_create("syzkaller", 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6345] symlink("/dev/binderfs", "./binderfs" [pid 6344] <... memfd_create resumed>) = 3 [ 281.483540][ T6343] NILFS (loop1): invalid segment: Checksum error in segment payload [ 281.510389][ T6343] NILFS (loop1): trying rollback from an earlier position [pid 5068] getdents64(4, [pid 6345] <... symlink resumed>) = 0 [pid 6344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6345] memfd_create("syzkaller", 0 [pid 6344] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] close(4 [pid 6345] <... memfd_create resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 6345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] rmdir("./104/file0" [pid 6345] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... rmdir resumed>) = 0 [ 281.584248][ T6343] NILFS (loop1): recovery complete [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6343] <... mount resumed>) = 0 [pid 5069] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(3 [pid 6343] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... close resumed>) = 0 [pid 6343] <... openat resumed>) = 3 [pid 5069] lstat("./105/file0", [pid 5068] rmdir("./104" [pid 6343] chdir("./file0" [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 6343] <... chdir resumed>) = 0 [pid 5069] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] mkdir("./105", 0777 [pid 6343] ioctl(4, LOOP_CLR_FD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... mkdir resumed>) = 0 [pid 6343] <... ioctl resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6343] close(4 [pid 5069] <... openat resumed>) = 4 [pid 5068] <... openat resumed>) = 3 [pid 6343] <... close resumed>) = 0 [pid 5069] fstat(4, [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 6343] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... close resumed>) = 0 [pid 5069] getdents64(4, [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6343] <... open resumed>) = 4 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6343] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] getdents64(4, [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6347 [pid 6345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6343] <... open resumed>) = 5 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6343] ftruncate(5, 33587195 [pid 5069] close(4 [pid 6343] <... ftruncate resumed>) = 0 [pid 5069] <... close resumed>) = 0 ./strace-static-x86_64: Process 6347 attached [pid 6343] sendfile(4, 5, NULL, 281474978811909 [pid 5069] rmdir("./105/file0" [pid 6347] chdir("./105") = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 6347] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] getdents64(3, [pid 6347] <... prctl resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [ 281.607738][ T6346] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6347] setpgid(0, 0 [pid 5069] close(3 [pid 6347] <... setpgid resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 6347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] rmdir("./105" [pid 6347] <... openat resumed>) = 3 [pid 6347] write(3, "1000", 4 [pid 5069] <... rmdir resumed>) = 0 [pid 6347] <... write resumed>) = 4 [pid 5069] mkdir("./106", 0777 [pid 6347] close(3) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 6347] symlink("/dev/binderfs", "./binderfs" [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6347] <... symlink resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6347] memfd_create("syzkaller", 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6347] <... memfd_create resumed>) = 3 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] close(3 [pid 6347] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... close resumed>) = 0 [pid 6347] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6344] <... write resumed>) = 2097152 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6348 ./strace-static-x86_64: Process 6348 attached [pid 6348] chdir("./106") = 0 [pid 6348] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6344] munmap(0x7fc0314e0000, 2097152 [pid 6348] <... prctl resumed>) = 0 [pid 6348] setpgid(0, 0 [pid 6345] <... write resumed>) = 2097152 [pid 6348] <... setpgid resumed>) = 0 [pid 6344] <... munmap resumed>) = 0 [pid 6348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6345] munmap(0x7fc0314e0000, 2097152 [pid 6344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6348] <... openat resumed>) = 3 [pid 6344] <... openat resumed>) = 4 [pid 6348] write(3, "1000", 4 [pid 6345] <... munmap resumed>) = 0 [pid 6344] ioctl(4, LOOP_SET_FD, 3 [pid 6348] <... write resumed>) = 4 [pid 6345] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6345] ioctl(4, LOOP_SET_FD, 3 [pid 6348] close(3) = 0 [pid 6344] <... ioctl resumed>) = 0 [pid 6348] symlink("/dev/binderfs", "./binderfs" [pid 6344] close(3 [pid 6348] <... symlink resumed>) = 0 [pid 6344] <... close resumed>) = 0 [pid 6348] memfd_create("syzkaller", 0 [pid 6344] mkdir("./file0", 0777 [pid 6348] <... memfd_create resumed>) = 3 [pid 6348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6344] <... mkdir resumed>) = 0 [pid 6348] <... mmap resumed>) = 0x7fc0314e0000 [pid 6344] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6345] <... ioctl resumed>) = 0 [pid 6347] <... write resumed>) = 2097152 [pid 6345] close(3) = 0 [pid 6345] mkdir("./file0", 0777) = 0 [ 281.783432][ T6344] loop2: detected capacity change from 0 to 4096 [ 281.788848][ T6345] loop0: detected capacity change from 0 to 4096 [pid 6345] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6347] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6341] <... sendfile resumed>) = 1048576 [pid 6341] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6347] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6341] <... open resumed>) = -1 EFAULT (Bad address) [pid 6347] ioctl(4, LOOP_SET_FD, 3 [pid 6341] exit_group(0) = ? [pid 6347] <... ioctl resumed>) = 0 [pid 6347] close(3 [pid 6341] +++ exited with 0 +++ [ 281.857183][ T6344] NILFS (loop2): invalid segment: Checksum error in segment payload [ 281.867225][ T6344] NILFS (loop2): trying rollback from an earlier position [ 281.881391][ T6345] NILFS (loop0): invalid segment: Checksum error in segment payload [ 281.896356][ T6344] NILFS (loop2): recovery complete [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6341, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5067] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6348] <... write resumed>) = 2097152 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6348] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... openat resumed>) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6348] <... munmap resumed>) = 0 [pid 5067] getdents64(3, [pid 6348] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6344] <... mount resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6348] <... openat resumed>) = 4 [pid 6344] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6348] ioctl(4, LOOP_SET_FD, 3 [pid 6344] <... openat resumed>) = 3 [pid 5067] lstat("./105/binderfs", [pid 6347] <... close resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6347] mkdir("./file0", 0777 [pid 5067] unlink("./105/binderfs" [pid 6347] <... mkdir resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 6347] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6344] chdir("./file0") = 0 [pid 6344] ioctl(4, LOOP_CLR_FD) = 0 [pid 6344] close(4) = 0 [ 281.903886][ T6347] loop4: detected capacity change from 0 to 4096 [ 281.918830][ T6349] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 281.928229][ T6345] NILFS (loop0): trying rollback from an earlier position [ 281.946679][ T6348] loop5: detected capacity change from 0 to 4096 [pid 6344] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6348] <... ioctl resumed>) = 0 [pid 6344] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6348] close(3 [pid 6344] <... open resumed>) = 5 [pid 6348] <... close resumed>) = 0 [pid 6344] ftruncate(5, 33587195 [pid 6348] mkdir("./file0", 0777 [pid 6344] <... ftruncate resumed>) = 0 [pid 6348] <... mkdir resumed>) = 0 [pid 6344] sendfile(4, 5, NULL, 281474978811909 [ 281.962245][ T6347] NILFS (loop4): invalid segment: Checksum error in segment payload [ 281.986389][ T6347] NILFS (loop4): trying rollback from an earlier position [pid 6348] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6347] <... mount resumed>) = 0 [pid 6347] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6347] chdir("./file0") = 0 [pid 6347] ioctl(4, LOOP_CLR_FD) = 0 [pid 6347] close(4) = 0 [pid 6347] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6347] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6347] ftruncate(5, 33587195) = 0 [ 282.017449][ T6347] NILFS (loop4): recovery complete [ 282.025199][ T6345] NILFS (loop0): recovery complete [ 282.044991][ T6348] NILFS (loop5): invalid segment: Checksum error in segment payload [ 282.055029][ T6350] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6347] sendfile(4, 5, NULL, 281474978811909 [pid 6345] <... mount resumed>) = 0 [pid 6345] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6345] chdir("./file0") = 0 [pid 6345] ioctl(4, LOOP_CLR_FD) = 0 [pid 6345] close(4) = 0 [pid 6345] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6345] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 282.076065][ T6351] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 282.080386][ T6348] NILFS (loop5): trying rollback from an earlier position [pid 6345] ftruncate(5, 33587195) = 0 [pid 6345] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./105/file0") = 0 [ 282.254804][ T6348] NILFS (loop5): recovery complete [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./105") = 0 [pid 5067] mkdir("./106", 0777) = 0 [pid 6348] <... mount resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6348] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5067] <... openat resumed>) = 3 [pid 6348] chdir("./file0") = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6348] ioctl(4, LOOP_CLR_FD) = 0 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6348] close(4) = 0 [pid 5067] close(3 [pid 6348] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6348] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6348] ftruncate(5, 33587195) = 0 [pid 6348] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6353 [ 282.311012][ T6352] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds ./strace-static-x86_64: Process 6353 attached [pid 6353] chdir("./106") = 0 [pid 6353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6353] setpgid(0, 0) = 0 [pid 6353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6353] write(3, "1000", 4) = 4 [pid 6353] close(3) = 0 [pid 6353] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6353] memfd_create("syzkaller", 0) = 3 [pid 6353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6353] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6353] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6353] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6353] close(3) = 0 [pid 6353] mkdir("./file0", 0777) = 0 [ 282.661745][ T6353] loop3: detected capacity change from 0 to 4096 [pid 6353] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6343] <... sendfile resumed>) = 1048576 [pid 6343] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6343] exit_group(0) = ? [ 282.719598][ T6353] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6343] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6343, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./103/binderfs") = 0 [ 282.790599][ T6353] NILFS (loop3): trying rollback from an earlier position [pid 5065] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 282.850206][ T6353] NILFS (loop3): recovery complete [pid 6353] <... mount resumed>) = 0 [pid 6353] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6353] chdir("./file0") = 0 [pid 6353] ioctl(4, LOOP_CLR_FD) = 0 [pid 6353] close(4) = 0 [pid 6353] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6353] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6353] ftruncate(5, 33587195) = 0 [ 282.895018][ T6354] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6353] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6345] <... sendfile resumed>) = 1048576 [pid 6345] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... openat resumed>) = 4 [pid 6345] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] fstat(4, [pid 6345] exit_group(0) = ? [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6345] +++ exited with 0 +++ [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6345, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] close(4 [pid 6344] <... sendfile resumed>) = 1048576 [pid 5065] <... close resumed>) = 0 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6344] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6344] exit_group(0) = ? [pid 6344] +++ exited with 0 +++ [pid 5065] rmdir("./103/file0" [pid 5064] <... restart_syscall resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6344, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5065] <... rmdir resumed>) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 5064] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./103" [pid 5064] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... rmdir resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... openat resumed>) = 3 [pid 5066] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] mkdir("./104", 0777 [pid 5064] fstat(3, [pid 5066] <... openat resumed>) = 3 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 6347] <... sendfile resumed>) = 1048576 [pid 5066] fstat(3, [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5064] getdents64(3, [pid 6347] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6347] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] <... openat resumed>) = 3 [pid 5066] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6347] exit_group(0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6347] <... exit_group resumed>) = ? [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6347] +++ exited with 0 +++ [pid 5066] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6347, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... close resumed>) = 0 [pid 5064] lstat("./104/binderfs", [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5066] lstat("./104/binderfs", [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... restart_syscall resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./104/binderfs" [pid 5064] unlink("./104/binderfs" [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6355 [pid 5068] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... unlink resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./105/binderfs", ./strace-static-x86_64: Process 6355 attached [pid 6355] chdir("./104") = 0 [pid 6355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6355] setpgid(0, 0) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6355] write(3, "1000", 4) = 4 [pid 6355] close(3) = 0 [pid 6355] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6355] memfd_create("syzkaller", 0) = 3 [pid 6355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] unlink("./105/binderfs") = 0 [pid 5068] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6348] <... sendfile resumed>) = 1048576 [pid 6348] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6348] exit_group(0) = ? [pid 6348] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6348, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, [pid 6355] <... write resumed>) = 2097152 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./106/binderfs", [pid 5066] <... umount2 resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./106/binderfs") = 0 [pid 5069] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6355] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6355] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6355] ioctl(4, LOOP_SET_FD, 3 [pid 5066] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 5064] <... umount2 resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, [pid 5068] <... umount2 resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./104/file0", [pid 5066] close(4 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./104/file0" [pid 5064] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... openat resumed>) = 4 [pid 5066] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] fstat(4, [pid 5068] lstat("./105/file0", [pid 5066] <... close resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] rmdir("./104" [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... rmdir resumed>) = 0 [pid 5064] getdents64(4, [pid 6355] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] mkdir("./105", 0777 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6355] close(3 [pid 5068] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] close(4 [pid 6355] <... close resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5064] <... close resumed>) = 0 [pid 6355] mkdir("./file0", 0777 [pid 5068] fstat(4, [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] rmdir("./104/file0" [pid 6355] <... mkdir resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5064] <... rmdir resumed>) = 0 [pid 6355] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] getdents64(4, [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [ 283.427357][ T6355] loop1: detected capacity change from 0 to 4096 [pid 5064] close(3 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] <... close resumed>) = 0 [pid 5068] getdents64(4, [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] rmdir("./104" [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] close(4 [pid 5066] <... close resumed>) = 0 [pid 5064] mkdir("./105", 0777 [pid 5068] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... mkdir resumed>) = 0 [pid 5068] rmdir("./105/file0" [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6356 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5068] getdents64(3, [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 5068] close(3 [pid 5064] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] rmdir("./105") = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6357 ./strace-static-x86_64: Process 6356 attached [pid 5068] mkdir("./106", 0777 [pid 6356] chdir("./105" [pid 5068] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6357 attached [pid 6356] <... chdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6357] chdir("./105" [pid 6356] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 6357] <... chdir resumed>) = 0 [pid 6356] <... prctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6357] setpgid(0, 0 [pid 6356] setpgid(0, 0 [pid 5069] lstat("./106/file0", [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6357] <... setpgid resumed>) = 0 [pid 6356] <... setpgid resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] close(3 [pid 6357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... close resumed>) = 0 [pid 6357] <... openat resumed>) = 3 [pid 5069] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6357] write(3, "1000", 4 [pid 6356] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6357] <... write resumed>) = 4 [pid 6357] close(3) = 0 [pid 6357] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6357] memfd_create("syzkaller", 0) = 3 [pid 6357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 6358 attached [pid 6357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6356] write(3, "1000", 4 [pid 5069] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6358] chdir("./106" [pid 6356] <... write resumed>) = 4 [pid 5069] <... openat resumed>) = 4 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6358 [pid 6358] <... chdir resumed>) = 0 [pid 6356] close(3 [ 283.530582][ T6355] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5069] fstat(4, [pid 6358] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6356] <... close resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6358] <... prctl resumed>) = 0 [pid 6356] symlink("/dev/binderfs", "./binderfs" [pid 5069] getdents64(4, [pid 6358] setpgid(0, 0 [pid 6356] <... symlink resumed>) = 0 [pid 6358] <... setpgid resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6356] memfd_create("syzkaller", 0 [pid 5069] getdents64(4, [pid 6358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6356] <... memfd_create resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6358] <... openat resumed>) = 3 [pid 6356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] close(4 [pid 6358] write(3, "1000", 4 [pid 6356] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... close resumed>) = 0 [pid 6358] <... write resumed>) = 4 [pid 5069] rmdir("./106/file0" [pid 6358] close(3 [pid 5069] <... rmdir resumed>) = 0 [pid 6358] <... close resumed>) = 0 [pid 5069] getdents64(3, [pid 6358] symlink("/dev/binderfs", "./binderfs" [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6358] <... symlink resumed>) = 0 [pid 5069] close(3 [pid 6358] memfd_create("syzkaller", 0 [pid 5069] <... close resumed>) = 0 [pid 6358] <... memfd_create resumed>) = 3 [pid 5069] rmdir("./106" [pid 6358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... rmdir resumed>) = 0 [pid 6358] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] mkdir("./107", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6357] <... write resumed>) = 2097152 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 6357] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6357] <... munmap resumed>) = 0 [pid 6357] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 283.591392][ T6355] NILFS (loop1): trying rollback from an earlier position [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6359 [pid 6358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6357] <... openat resumed>) = 4 [pid 6356] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 6359 attached [pid 6357] ioctl(4, LOOP_SET_FD, 3 [pid 6359] chdir("./107") = 0 [pid 6359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6359] setpgid(0, 0) = 0 [pid 6359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6359] write(3, "1000", 4 [pid 6357] <... ioctl resumed>) = 0 [pid 6359] <... write resumed>) = 4 [pid 6357] close(3 [pid 6359] close(3 [pid 6357] <... close resumed>) = 0 [pid 6359] <... close resumed>) = 0 [pid 6357] mkdir("./file0", 0777 [pid 6359] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6357] <... mkdir resumed>) = 0 [pid 6359] memfd_create("syzkaller", 0 [pid 6357] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6359] <... memfd_create resumed>) = 3 [pid 6359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6355] <... mount resumed>) = 0 [pid 6355] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6355] chdir("./file0") = 0 [ 283.689252][ T6357] loop0: detected capacity change from 0 to 4096 [ 283.697936][ T6355] NILFS (loop1): recovery complete [ 283.724169][ T6357] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6355] ioctl(4, LOOP_CLR_FD [pid 6359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6355] <... ioctl resumed>) = 0 [pid 6355] close(4) = 0 [pid 6355] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6355] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6355] ftruncate(5, 33587195) = 0 [pid 6355] sendfile(4, 5, NULL, 281474978811909 [pid 6358] <... write resumed>) = 2097152 [pid 6356] <... write resumed>) = 2097152 [pid 6358] munmap(0x7fc0314e0000, 2097152 [pid 6356] munmap(0x7fc0314e0000, 2097152 [pid 6358] <... munmap resumed>) = 0 [pid 6356] <... munmap resumed>) = 0 [pid 6358] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6356] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6358] <... openat resumed>) = 4 [pid 6359] <... write resumed>) = 2097152 [ 283.745622][ T6360] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6356] <... openat resumed>) = 4 [pid 6359] munmap(0x7fc0314e0000, 2097152 [pid 6358] ioctl(4, LOOP_SET_FD, 3 [pid 6356] ioctl(4, LOOP_SET_FD, 3 [pid 6359] <... munmap resumed>) = 0 [pid 6356] <... ioctl resumed>) = 0 [pid 6359] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 283.797106][ T6357] NILFS (loop0): trying rollback from an earlier position [ 283.811137][ T6358] loop4: detected capacity change from 0 to 4096 [ 283.817879][ T6356] loop2: detected capacity change from 0 to 4096 [pid 6359] ioctl(4, LOOP_SET_FD, 3 [pid 6358] <... ioctl resumed>) = 0 [pid 6356] close(3 [pid 6358] close(3 [pid 6356] <... close resumed>) = 0 [pid 6358] <... close resumed>) = 0 [pid 6356] mkdir("./file0", 0777 [pid 6358] mkdir("./file0", 0777 [pid 6356] <... mkdir resumed>) = 0 [pid 6359] <... ioctl resumed>) = 0 [pid 6358] <... mkdir resumed>) = 0 [pid 6356] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6359] close(3 [pid 6358] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6359] <... close resumed>) = 0 [pid 6359] mkdir("./file0", 0777) = 0 [ 283.843685][ T6357] NILFS (loop0): recovery complete [ 283.851250][ T6359] loop5: detected capacity change from 0 to 4096 [pid 6359] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6357] <... mount resumed>) = 0 [pid 6357] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6357] chdir("./file0") = 0 [pid 6357] ioctl(4, LOOP_CLR_FD) = 0 [pid 6357] close(4) = 0 [pid 6357] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6357] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6357] ftruncate(5, 33587195) = 0 [ 283.888236][ T6361] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 283.889572][ T6356] NILFS (loop2): invalid segment: Checksum error in segment payload [ 283.917012][ T6359] NILFS (loop5): invalid segment: Checksum error in segment payload [ 283.926891][ T6359] NILFS (loop5): trying rollback from an earlier position [ 283.930772][ T6358] NILFS (loop4): invalid segment: Checksum error in segment payload [ 283.955718][ T6359] NILFS (loop5): recovery complete [ 283.967756][ T6356] NILFS (loop2): trying rollback from an earlier position [ 283.975975][ T6358] NILFS (loop4): trying rollback from an earlier position [pid 6357] sendfile(4, 5, NULL, 281474978811909 [pid 6359] <... mount resumed>) = 0 [pid 6359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6359] chdir("./file0") = 0 [pid 6359] ioctl(4, LOOP_CLR_FD) = 0 [pid 6359] close(4) = 0 [pid 6359] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6359] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6359] ftruncate(5, 33587195) = 0 [pid 6359] sendfile(4, 5, NULL, 281474978811909 [pid 6353] <... sendfile resumed>) = 1048576 [ 283.993470][ T6362] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6353] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 284.047478][ T6358] NILFS (loop4): recovery complete [pid 6358] <... mount resumed>) = 0 [pid 6353] exit_group(0) = ? [pid 6358] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6353] +++ exited with 0 +++ [pid 6358] chdir("./file0") = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6353, si_uid=0, si_status=0, si_utime=0, si_stime=32 /* 0.32 s */} --- [pid 6358] ioctl(4, LOOP_CLR_FD [pid 5067] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6358] <... ioctl resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6358] close(4 [ 284.079260][ T6363] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 284.105746][ T6356] NILFS (loop2): recovery complete [pid 5067] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6358] <... close resumed>) = 0 [pid 6358] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6356] <... mount resumed>) = 0 [pid 5067] fstat(3, [pid 6356] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6356] chdir("./file0") = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6356] ioctl(4, LOOP_CLR_FD) = 0 [pid 6356] close(4 [pid 5067] getdents64(3, [pid 6358] <... open resumed>) = 4 [pid 6356] <... close resumed>) = 0 [pid 6358] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6356] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6358] <... open resumed>) = 5 [pid 6356] <... open resumed>) = 4 [pid 5067] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6358] ftruncate(5, 33587195 [pid 6356] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6358] <... ftruncate resumed>) = 0 [pid 6356] ftruncate(5, 33587195 [pid 5067] lstat("./106/binderfs", [pid 6358] sendfile(4, 5, NULL, 281474978811909 [pid 6356] <... ftruncate resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6356] sendfile(4, 5, NULL, 281474978811909 [pid 5067] unlink("./106/binderfs") = 0 [ 284.155365][ T6364] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5067] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./106/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./106") = 0 [pid 5067] mkdir("./107", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6365 ./strace-static-x86_64: Process 6365 attached [pid 6365] chdir("./107") = 0 [pid 6365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6365] setpgid(0, 0) = 0 [pid 6365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6365] write(3, "1000", 4) = 4 [pid 6365] close(3) = 0 [pid 6365] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6365] memfd_create("syzkaller", 0) = 3 [pid 6365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6355] <... sendfile resumed>) = 1048576 [pid 6355] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6365] <... write resumed>) = 2097152 [pid 6355] exit_group(0) = ? [pid 6355] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6355, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5065] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6365] munmap(0x7fc0314e0000, 2097152 [pid 5065] unlink("./104/binderfs") = 0 [pid 5065] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6365] <... munmap resumed>) = 0 [pid 6365] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6365] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6365] close(3) = 0 [pid 6365] mkdir("./file0", 0777) = 0 [ 284.800031][ T6365] loop3: detected capacity change from 0 to 4096 [ 284.871712][ T6365] NILFS (loop3): invalid segment: Checksum error in segment payload [ 284.914789][ T6365] NILFS (loop3): trying rollback from an earlier position [pid 6365] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6357] <... sendfile resumed>) = 1048576 [pid 6357] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... umount2 resumed>) = 0 [pid 6357] <... open resumed>) = -1 EFAULT (Bad address) [pid 6357] exit_group(0) = ? [pid 6357] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6357, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, [pid 5065] lstat("./104/file0", [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] lstat("./105/binderfs", [pid 5065] fstat(4, [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] unlink("./105/binderfs" [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... unlink resumed>) = 0 [pid 5065] getdents64(4, [pid 5064] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./104/file0") = 0 [ 285.018211][ T6365] NILFS (loop3): recovery complete [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./104") = 0 [pid 5065] mkdir("./105", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6367 [pid 6365] <... mount resumed>) = 0 [pid 6365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6367 attached [pid 6365] chdir("./file0" [pid 6367] chdir("./105" [pid 6365] <... chdir resumed>) = 0 [pid 6367] <... chdir resumed>) = 0 [pid 6365] ioctl(4, LOOP_CLR_FD [pid 6367] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6365] <... ioctl resumed>) = 0 [pid 6367] <... prctl resumed>) = 0 [pid 6365] close(4 [pid 6367] setpgid(0, 0 [pid 6365] <... close resumed>) = 0 [pid 6367] <... setpgid resumed>) = 0 [pid 6365] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6365] <... open resumed>) = 4 [pid 6367] <... openat resumed>) = 3 [pid 6365] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6367] write(3, "1000", 4) = 4 [pid 6367] close(3) = 0 [pid 6367] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6367] memfd_create("syzkaller", 0) = 3 [pid 6367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6365] <... open resumed>) = 5 [ 285.101027][ T6366] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6365] ftruncate(5, 33587195) = 0 [pid 6365] sendfile(4, 5, NULL, 281474978811909 [pid 6367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6359] <... sendfile resumed>) = 1048576 [pid 6359] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6359] exit_group(0) = ? [pid 6359] +++ exited with 0 +++ [pid 6356] <... sendfile resumed>) = 1048576 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6359, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 6356] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6356] exit_group(0 [pid 5069] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6367] <... write resumed>) = 2097152 [pid 6358] <... sendfile resumed>) = 1048576 [pid 6356] <... exit_group resumed>) = ? [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6367] munmap(0x7fc0314e0000, 2097152 [pid 6358] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6356] +++ exited with 0 +++ [pid 5069] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6367] <... munmap resumed>) = 0 [pid 6358] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... openat resumed>) = 3 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6356, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 6367] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6358] exit_group(0 [pid 5069] fstat(3, [pid 6367] <... openat resumed>) = 4 [pid 6358] <... exit_group resumed>) = ? [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6367] ioctl(4, LOOP_SET_FD, 3 [pid 5066] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6358] +++ exited with 0 +++ [pid 5069] getdents64(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6358, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5066] <... openat resumed>) = 3 [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5066] fstat(3, [pid 5068] <... restart_syscall resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] getdents64(3, [pid 5069] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] lstat("./107/binderfs", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6367] <... ioctl resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] lstat("./105/binderfs", [pid 6367] close(3 [pid 5069] unlink("./107/binderfs" [pid 5068] <... openat resumed>) = 3 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6367] <... close resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5068] fstat(3, [pid 5066] unlink("./105/binderfs" [pid 6367] mkdir("./file0", 0777 [pid 5069] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 6367] <... mkdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5066] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 6367] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 285.282692][ T6367] loop1: detected capacity change from 0 to 4096 [pid 5068] lstat("./106/binderfs", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./106/binderfs" [pid 5064] lstat("./105/file0", [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./105/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./105") = 0 [pid 5064] mkdir("./106", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6368 ./strace-static-x86_64: Process 6368 attached [pid 6368] chdir("./106") = 0 [pid 6368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6368] setpgid(0, 0) = 0 [pid 6368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6368] write(3, "1000", 4) = 4 [pid 6368] close(3) = 0 [pid 6368] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6368] memfd_create("syzkaller", 0) = 3 [pid 6368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 285.326699][ T6367] NILFS (loop1): invalid segment: Checksum error in segment payload [ 285.361145][ T6367] NILFS (loop1): trying rollback from an earlier position [pid 6368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6367] <... mount resumed>) = 0 [pid 6367] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6367] chdir("./file0") = 0 [ 285.440153][ T6367] NILFS (loop1): recovery complete [pid 6367] ioctl(4, LOOP_CLR_FD) = 0 [pid 6367] close(4) = 0 [pid 6367] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6367] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5066] <... umount2 resumed>) = 0 [pid 6367] ftruncate(5, 33587195) = 0 [pid 6367] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 6368] <... write resumed>) = 2097152 [pid 6368] munmap(0x7fc0314e0000, 2097152) = 0 [ 285.485331][ T6369] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5069] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./107/file0", [pid 5066] lstat("./105/file0", [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] fstat(4, [pid 5066] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... openat resumed>) = 4 [pid 6368] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] getdents64(4, [pid 5066] fstat(4, [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6368] <... openat resumed>) = 4 [pid 5069] getdents64(4, [pid 5068] <... umount2 resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] getdents64(4, [pid 6368] ioctl(4, LOOP_SET_FD, 3 [pid 5069] close(4 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6368] <... ioctl resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5068] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(4, [pid 5069] rmdir("./107/file0" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] lstat("./106/file0", [pid 5066] close(4 [pid 5069] getdents64(3, [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] rmdir("./105/file0" [pid 5069] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... rmdir resumed>) = 0 [pid 5069] rmdir("./107" [pid 5068] <... openat resumed>) = 4 [pid 5066] getdents64(3, [pid 5069] <... rmdir resumed>) = 0 [pid 5068] fstat(4, [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] mkdir("./108", 0777 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6368] close(3 [pid 5066] close(3 [pid 6368] <... close resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] getdents64(4, [pid 5066] <... close resumed>) = 0 [pid 6368] mkdir("./file0", 0777 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] rmdir("./105" [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] rmdir("./106/file0" [pid 5066] <... rmdir resumed>) = 0 [pid 6368] <... mkdir resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... rmdir resumed>) = 0 [pid 5066] mkdir("./106", 0777 [pid 6368] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] close(3 [pid 5068] getdents64(3, [pid 5069] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5068] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] rmdir("./106" [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] <... rmdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6370 [pid 5068] mkdir("./107", 0777 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5068] <... mkdir resumed>) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] close(3 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... close resumed>) = 0 [ 285.597633][ T6368] loop0: detected capacity change from 0 to 4096 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6371 ./strace-static-x86_64: Process 6371 attached [pid 6371] chdir("./107" [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6372 [pid 6371] <... chdir resumed>) = 0 [pid 6371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6371] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 6370 attached [pid 6371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6370] chdir("./108"./strace-static-x86_64: Process 6372 attached [pid 6371] write(3, "1000", 4 [pid 6370] <... chdir resumed>) = 0 [pid 6372] chdir("./106" [pid 6371] <... write resumed>) = 4 [pid 6371] close(3) = 0 [pid 6371] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6371] memfd_create("syzkaller", 0) = 3 [pid 6371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6370] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6371] <... mmap resumed>) = 0x7fc0314e0000 [pid 6370] <... prctl resumed>) = 0 [pid 6372] <... chdir resumed>) = 0 [pid 6372] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6370] setpgid(0, 0 [pid 6372] <... prctl resumed>) = 0 [pid 6370] <... setpgid resumed>) = 0 [pid 6372] setpgid(0, 0 [pid 6370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6372] <... setpgid resumed>) = 0 [pid 6372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6370] <... openat resumed>) = 3 [pid 6372] <... openat resumed>) = 3 [pid 6370] write(3, "1000", 4 [pid 6372] write(3, "1000", 4 [pid 6370] <... write resumed>) = 4 [pid 6371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6372] <... write resumed>) = 4 [pid 6370] close(3 [pid 6372] close(3 [pid 6370] <... close resumed>) = 0 [pid 6372] <... close resumed>) = 0 [pid 6370] symlink("/dev/binderfs", "./binderfs" [pid 6372] symlink("/dev/binderfs", "./binderfs" [pid 6370] <... symlink resumed>) = 0 [ 285.703205][ T6368] NILFS (loop0): invalid segment: Checksum error in segment payload [ 285.733905][ T6368] NILFS (loop0): trying rollback from an earlier position [pid 6372] <... symlink resumed>) = 0 [pid 6370] memfd_create("syzkaller", 0 [pid 6372] memfd_create("syzkaller", 0 [pid 6370] <... memfd_create resumed>) = 3 [pid 6372] <... memfd_create resumed>) = 3 [pid 6370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6368] <... mount resumed>) = 0 [pid 6368] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6368] chdir("./file0" [pid 6372] <... mmap resumed>) = 0x7fc0314e0000 [pid 6370] <... mmap resumed>) = 0x7fc0314e0000 [pid 6368] <... chdir resumed>) = 0 [pid 6368] ioctl(4, LOOP_CLR_FD) = 0 [pid 6368] close(4) = 0 [pid 6368] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6368] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6368] ftruncate(5, 33587195) = 0 [ 285.786759][ T6368] NILFS (loop0): recovery complete [ 285.806393][ T6373] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6368] sendfile(4, 5, NULL, 281474978811909 [pid 6372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6370] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6371] <... write resumed>) = 2097152 [pid 6371] munmap(0x7fc0314e0000, 2097152 [pid 6370] <... write resumed>) = 2097152 [pid 6371] <... munmap resumed>) = 0 [pid 6371] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6371] ioctl(4, LOOP_SET_FD, 3 [pid 6372] <... write resumed>) = 2097152 [pid 6370] munmap(0x7fc0314e0000, 2097152 [pid 6372] munmap(0x7fc0314e0000, 2097152 [pid 6370] <... munmap resumed>) = 0 [pid 6372] <... munmap resumed>) = 0 [pid 6370] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6372] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6370] <... openat resumed>) = 4 [pid 6372] <... openat resumed>) = 4 [pid 6370] ioctl(4, LOOP_SET_FD, 3 [pid 6372] ioctl(4, LOOP_SET_FD, 3 [pid 6371] <... ioctl resumed>) = 0 [pid 6371] close(3) = 0 [pid 6371] mkdir("./file0", 0777 [pid 6372] <... ioctl resumed>) = 0 [pid 6371] <... mkdir resumed>) = 0 [pid 6370] <... ioctl resumed>) = 0 [pid 6372] close(3 [pid 6371] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6370] close(3 [pid 6372] <... close resumed>) = 0 [pid 6370] <... close resumed>) = 0 [pid 6365] <... sendfile resumed>) = 1048576 [pid 6372] mkdir("./file0", 0777 [pid 6370] mkdir("./file0", 0777 [pid 6365] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6372] <... mkdir resumed>) = 0 [pid 6370] <... mkdir resumed>) = 0 [pid 6365] <... open resumed>) = -1 EFAULT (Bad address) [pid 6372] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6370] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6365] exit_group(0) = ? [pid 6365] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6365, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 285.953836][ T6371] loop4: detected capacity change from 0 to 4096 [ 285.974485][ T6370] loop5: detected capacity change from 0 to 4096 [ 285.981238][ T6372] loop2: detected capacity change from 0 to 4096 [pid 5067] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./107/binderfs") = 0 [ 286.047838][ T6370] NILFS (loop5): invalid segment: Checksum error in segment payload [ 286.049843][ T6371] NILFS (loop4): invalid segment: Checksum error in segment payload [ 286.056338][ T6372] NILFS (loop2): invalid segment: Checksum error in segment payload [ 286.081467][ T6371] NILFS (loop4): trying rollback from an earlier position [ 286.092134][ T6370] NILFS (loop5): trying rollback from an earlier position [pid 5067] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6370] <... mount resumed>) = 0 [pid 6370] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 286.130026][ T6372] NILFS (loop2): trying rollback from an earlier position [ 286.156895][ T6370] NILFS (loop5): recovery complete [pid 6370] chdir("./file0") = 0 [pid 6370] ioctl(4, LOOP_CLR_FD) = 0 [pid 6370] close(4) = 0 [pid 6370] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6370] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6370] ftruncate(5, 33587195) = 0 [ 286.171387][ T6374] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 286.188773][ T6371] NILFS (loop4): recovery complete [ 286.189799][ T6372] NILFS (loop2): recovery complete [pid 6370] sendfile(4, 5, NULL, 281474978811909 [pid 6371] <... mount resumed>) = 0 [pid 6371] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6371] chdir("./file0") = 0 [pid 6371] ioctl(4, LOOP_CLR_FD) = 0 [pid 6371] close(4) = 0 [pid 6371] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6371] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6371] ftruncate(5, 33587195) = 0 [ 286.227193][ T6375] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6371] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 6372] <... mount resumed>) = 0 [pid 6372] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6372] chdir("./file0") = 0 [pid 6372] ioctl(4, LOOP_CLR_FD) = 0 [pid 6372] close(4) = 0 [pid 5067] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6372] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6372] <... open resumed>) = 4 [pid 5067] lstat("./107/file0", [pid 6372] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6372] <... open resumed>) = 5 [pid 5067] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6372] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6372] <... ftruncate resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6372] sendfile(4, 5, NULL, 281474978811909 [ 286.293932][ T6376] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] <... openat resumed>) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./107/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./107") = 0 [pid 5067] mkdir("./108", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6377 ./strace-static-x86_64: Process 6377 attached [pid 6377] chdir("./108") = 0 [pid 6377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6377] setpgid(0, 0) = 0 [pid 6377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6377] write(3, "1000", 4) = 4 [pid 6377] close(3) = 0 [pid 6377] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6377] memfd_create("syzkaller", 0) = 3 [pid 6377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6367] <... sendfile resumed>) = 1048576 [pid 6367] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6367] exit_group(0) = ? [pid 6367] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6367, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./105/binderfs") = 0 [pid 5065] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6377] <... write resumed>) = 2097152 [pid 6377] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6377] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6377] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6377] close(3) = 0 [pid 6377] mkdir("./file0", 0777) = 0 [ 286.712463][ T6377] loop3: detected capacity change from 0 to 4096 [ 286.769601][ T6377] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6377] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [ 286.833013][ T6377] NILFS (loop3): trying rollback from an earlier position [pid 5065] rmdir("./105/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./105") = 0 [pid 6377] <... mount resumed>) = 0 [pid 5065] mkdir("./106", 0777 [pid 6377] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] <... mkdir resumed>) = 0 [pid 6377] <... openat resumed>) = 3 [pid 6377] chdir("./file0" [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6377] <... chdir resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 6377] ioctl(4, LOOP_CLR_FD [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6377] <... ioctl resumed>) = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6377] close(4 [pid 5065] close(3 [pid 6377] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6377] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6377] <... open resumed>) = 4 [pid 6377] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6379 [pid 6377] <... open resumed>) = 5 [pid 6377] ftruncate(5, 33587195) = 0 [ 286.923873][ T6377] NILFS (loop3): recovery complete [ 286.935273][ T6378] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6377] sendfile(4, 5, NULL, 281474978811909./strace-static-x86_64: Process 6379 attached [pid 6379] chdir("./106") = 0 [pid 6379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6379] setpgid(0, 0) = 0 [pid 6379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6379] write(3, "1000", 4) = 4 [pid 6379] close(3) = 0 [pid 6379] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6379] memfd_create("syzkaller", 0) = 3 [pid 6379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6368] <... sendfile resumed>) = 1048576 [pid 6368] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6368] exit_group(0) = ? [pid 6379] <... write resumed>) = 2097152 [pid 6379] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6368] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6368, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5064] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./106/binderfs") = 0 [pid 5064] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6379] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6379] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6379] close(3) = 0 [pid 6379] mkdir("./file0", 0777) = 0 [ 287.195272][ T6379] loop1: detected capacity change from 0 to 4096 [pid 6379] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6370] <... sendfile resumed>) = 1048576 [pid 6370] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6370] exit_group(0) = ? [pid 6370] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6370, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./108/binderfs") = 0 [ 287.280726][ T6379] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5069] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6372] <... sendfile resumed>) = 1048576 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6372] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6372] exit_group(0) = ? [pid 5064] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6372] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6372, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5066] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... openat resumed>) = 4 [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, [pid 5064] fstat(4, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4 [pid 5066] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... close resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] rmdir("./106/file0" [pid 5066] lstat("./106/binderfs", [pid 5064] <... rmdir resumed>) = 0 [ 287.335085][ T6379] NILFS (loop1): trying rollback from an earlier position [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] getdents64(3, [pid 5066] unlink("./106/binderfs" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./106") = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5064] mkdir("./107", 0777 [pid 5066] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6380 ./strace-static-x86_64: Process 6380 attached [pid 6379] <... mount resumed>) = 0 [pid 6380] chdir("./107" [pid 6379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6380] <... chdir resumed>) = 0 [pid 6379] <... openat resumed>) = 3 [pid 6379] chdir("./file0") = 0 [pid 6380] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6379] ioctl(4, LOOP_CLR_FD [pid 6371] <... sendfile resumed>) = 1048576 [pid 6380] <... prctl resumed>) = 0 [pid 6379] <... ioctl resumed>) = 0 [pid 6371] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6380] setpgid(0, 0 [pid 6379] close(4 [pid 6371] <... open resumed>) = -1 EFAULT (Bad address) [pid 6380] <... setpgid resumed>) = 0 [pid 6379] <... close resumed>) = 0 [pid 6371] exit_group(0 [pid 6380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6379] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6371] <... exit_group resumed>) = ? [pid 6380] <... openat resumed>) = 3 [pid 6371] +++ exited with 0 +++ [pid 6380] write(3, "1000", 4 [pid 6379] <... open resumed>) = 4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6371, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 6380] <... write resumed>) = 4 [pid 6379] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6380] close(3 [pid 6379] <... open resumed>) = 5 [pid 6380] <... close resumed>) = 0 [pid 6379] ftruncate(5, 33587195 [ 287.447387][ T6379] NILFS (loop1): recovery complete [ 287.457994][ T6381] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6380] symlink("/dev/binderfs", "./binderfs" [pid 6379] <... ftruncate resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6380] <... symlink resumed>) = 0 [pid 6379] sendfile(4, 5, NULL, 281474978811909 [pid 5068] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6380] memfd_create("syzkaller", 0 [pid 5068] <... openat resumed>) = 3 [pid 6380] <... memfd_create resumed>) = 3 [pid 5068] fstat(3, [pid 6380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6380] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./107/binderfs") = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6380] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... openat resumed>) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./108/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./108") = 0 [pid 5069] mkdir("./109", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] <... umount2 resumed>) = 0 [pid 5069] close(3 [pid 5066] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6382 [pid 5066] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6382 attached [pid 6380] <... write resumed>) = 2097152 [pid 5066] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, [pid 6382] chdir("./109" [pid 6380] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6382] <... chdir resumed>) = 0 [pid 6380] <... munmap resumed>) = 0 [pid 5066] getdents64(4, [pid 6382] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6380] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6382] <... prctl resumed>) = 0 [pid 6380] <... openat resumed>) = 4 [pid 5066] getdents64(4, [pid 6382] setpgid(0, 0 [pid 6380] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6382] <... setpgid resumed>) = 0 [pid 5066] close(4 [pid 6382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... close resumed>) = 0 [pid 6382] <... openat resumed>) = 3 [pid 5066] rmdir("./106/file0" [pid 6382] write(3, "1000", 4 [pid 5066] <... rmdir resumed>) = 0 [pid 6382] <... write resumed>) = 4 [pid 6380] <... ioctl resumed>) = 0 [pid 5066] getdents64(3, [pid 6382] close(3 [pid 6380] close(3 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6382] <... close resumed>) = 0 [pid 5066] close(3 [pid 6382] symlink("/dev/binderfs", "./binderfs" [pid 5066] <... close resumed>) = 0 [pid 6382] <... symlink resumed>) = 0 [pid 5066] rmdir("./106" [pid 6382] memfd_create("syzkaller", 0) = 3 [pid 6380] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6380] mkdir("./file0", 0777 [pid 5066] mkdir("./107", 0777 [pid 6382] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6380] <... mkdir resumed>) = 0 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 6380] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6383 [ 287.715947][ T6380] loop0: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6383 attached [pid 6383] chdir("./107") = 0 [pid 6383] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6383] setpgid(0, 0) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6383] <... openat resumed>) = 3 [pid 6382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6383] write(3, "1000", 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6383] <... write resumed>) = 4 [pid 5068] lstat("./107/file0", [pid 6383] close(3 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6383] <... close resumed>) = 0 [pid 5068] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6383] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6383] <... symlink resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6383] memfd_create("syzkaller", 0 [pid 5068] <... openat resumed>) = 4 [pid 6383] <... memfd_create resumed>) = 3 [pid 5068] fstat(4, [pid 6383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6383] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./107/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./107") = 0 [pid 5068] mkdir("./108", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 287.817426][ T6380] NILFS (loop0): invalid segment: Checksum error in segment payload [ 287.852695][ T6380] NILFS (loop0): trying rollback from an earlier position [pid 5068] close(3 [pid 6383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6382] <... write resumed>) = 2097152 [pid 5068] <... close resumed>) = 0 [pid 6382] munmap(0x7fc0314e0000, 2097152 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6384 attached [pid 6382] <... munmap resumed>) = 0 [pid 6382] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6384 [pid 6382] <... openat resumed>) = 4 [pid 6382] ioctl(4, LOOP_SET_FD, 3 [pid 6384] chdir("./108" [pid 6382] <... ioctl resumed>) = 0 [pid 6382] close(3) = 0 [ 287.907795][ T6380] NILFS (loop0): recovery complete [pid 6382] mkdir("./file0", 0777 [pid 6384] <... chdir resumed>) = 0 [pid 6382] <... mkdir resumed>) = 0 [pid 6384] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6382] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6384] <... prctl resumed>) = 0 [pid 6384] setpgid(0, 0 [pid 6380] <... mount resumed>) = 0 [pid 6377] <... sendfile resumed>) = 1048576 [pid 6383] <... write resumed>) = 2097152 [pid 6377] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6377] exit_group(0 [pid 6384] <... setpgid resumed>) = 0 [pid 6380] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6377] <... exit_group resumed>) = ? [pid 6384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6383] munmap(0x7fc0314e0000, 2097152 [pid 6380] <... openat resumed>) = 3 [pid 6377] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6377, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5067] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6384] <... openat resumed>) = 3 [pid 6383] <... munmap resumed>) = 0 [pid 6380] chdir("./file0" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6384] write(3, "1000", 4 [pid 6383] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6380] <... chdir resumed>) = 0 [pid 6384] <... write resumed>) = 4 [pid 6383] <... openat resumed>) = 4 [pid 6380] ioctl(4, LOOP_CLR_FD [pid 5067] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6384] close(3 [ 287.928957][ T6382] loop5: detected capacity change from 0 to 4096 [ 287.944776][ T6385] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6383] ioctl(4, LOOP_SET_FD, 3 [pid 6380] <... ioctl resumed>) = 0 [pid 6384] <... close resumed>) = 0 [pid 6380] close(4 [pid 5067] <... openat resumed>) = 3 [pid 6384] symlink("/dev/binderfs", "./binderfs" [pid 6380] <... close resumed>) = 0 [pid 6384] <... symlink resumed>) = 0 [pid 6380] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] fstat(3, [pid 6384] memfd_create("syzkaller", 0 [pid 6383] <... ioctl resumed>) = 0 [pid 6380] <... open resumed>) = 4 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6384] <... memfd_create resumed>) = 3 [pid 6383] close(3 [pid 6380] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] getdents64(3, [pid 6384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6383] <... close resumed>) = 0 [pid 6380] <... open resumed>) = 5 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6384] <... mmap resumed>) = 0x7fc0314e0000 [pid 6383] mkdir("./file0", 0777 [pid 6380] ftruncate(5, 33587195 [pid 5067] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6383] <... mkdir resumed>) = 0 [pid 6380] <... ftruncate resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6383] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6380] sendfile(4, 5, NULL, 281474978811909 [pid 5067] lstat("./108/binderfs", [pid 6384] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./108/binderfs") = 0 [ 287.976995][ T6382] NILFS (loop5): invalid segment: Checksum error in segment payload [ 287.984436][ T6383] loop2: detected capacity change from 0 to 4096 [ 287.991516][ T6382] NILFS (loop5): trying rollback from an earlier position [ 288.055615][ T6383] NILFS (loop2): invalid segment: Checksum error in segment payload [ 288.063685][ T6383] NILFS (loop2): trying rollback from an earlier position [ 288.096505][ T6382] NILFS (loop5): recovery complete [pid 5067] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6382] <... mount resumed>) = 0 [pid 6382] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6382] chdir("./file0" [pid 6384] <... write resumed>) = 2097152 [pid 6382] <... chdir resumed>) = 0 [pid 6382] ioctl(4, LOOP_CLR_FD) = 0 [pid 6382] close(4) = 0 [pid 6382] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6382] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6384] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6382] <... open resumed>) = 5 [pid 6382] ftruncate(5, 33587195) = 0 [pid 6384] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6382] sendfile(4, 5, NULL, 281474978811909 [pid 6384] <... openat resumed>) = 4 [ 288.120300][ T6386] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6384] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6384] close(3) = 0 [pid 6384] mkdir("./file0", 0777) = 0 [ 288.175081][ T6384] loop4: detected capacity change from 0 to 4096 [ 288.175333][ T6383] NILFS (loop2): recovery complete [pid 6384] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6383] <... mount resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 6383] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6383] chdir("./file0") = 0 [pid 6383] ioctl(4, LOOP_CLR_FD) = 0 [pid 6383] close(4) = 0 [pid 6383] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6383] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6383] ftruncate(5, 33587195 [pid 5067] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6383] <... ftruncate resumed>) = 0 [pid 6383] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 288.258389][ T6387] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 288.280248][ T6384] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./108/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./108") = 0 [pid 5067] mkdir("./109", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [ 288.337486][ T6384] NILFS (loop4): trying rollback from an earlier position [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6388 ./strace-static-x86_64: Process 6388 attached [pid 6388] chdir("./109") = 0 [pid 6388] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6388] setpgid(0, 0) = 0 [pid 6388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6388] write(3, "1000", 4) = 4 [pid 6388] close(3) = 0 [pid 6388] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6388] memfd_create("syzkaller", 0) = 3 [pid 6388] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6379] <... sendfile resumed>) = 1048576 [pid 6379] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 288.458015][ T6384] NILFS (loop4): recovery complete [pid 6379] exit_group(0) = ? [pid 6388] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6379] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6379, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5065] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6384] <... mount resumed>) = 0 [pid 6384] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] lstat("./106/binderfs", [pid 6384] chdir("./file0" [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6384] <... chdir resumed>) = 0 [pid 5065] unlink("./106/binderfs" [pid 6384] ioctl(4, LOOP_CLR_FD) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 6388] <... write resumed>) = 2097152 [pid 6384] close(4 [ 288.535172][ T6389] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6388] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6388] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6384] <... close resumed>) = 0 [pid 6388] <... openat resumed>) = 4 [pid 6388] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6388] close(3) = 0 [pid 6388] mkdir("./file0", 0777) = 0 [pid 6388] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6384] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6384] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6384] ftruncate(5, 33587195) = 0 [ 288.575669][ T6388] loop3: detected capacity change from 0 to 4096 [ 288.675826][ T6388] NILFS (loop3): invalid segment: Checksum error in segment payload [ 288.683919][ T6388] NILFS (loop3): trying rollback from an earlier position [pid 6384] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./106/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./106") = 0 [pid 5065] mkdir("./107", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 288.814439][ T6388] NILFS (loop3): recovery complete [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6388] <... mount resumed>) = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6388] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] close(3 [pid 6388] chdir("./file0") = 0 [pid 6388] ioctl(4, LOOP_CLR_FD [pid 5065] <... close resumed>) = 0 [pid 6388] <... ioctl resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6388] close(4) = 0 [pid 6388] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6388] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6391 [pid 6388] ftruncate(5, 33587195) = 0 ./strace-static-x86_64: Process 6391 attached [pid 6388] sendfile(4, 5, NULL, 281474978811909 [pid 6391] chdir("./107") = 0 [pid 6391] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6391] setpgid(0, 0) = 0 [pid 6391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6391] write(3, "1000", 4) = 4 [pid 6391] close(3) = 0 [pid 6391] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6391] memfd_create("syzkaller", 0) = 3 [ 288.840200][ T6390] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6391] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6391] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6391] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6380] <... sendfile resumed>) = 1048576 [pid 6391] close(3 [pid 6380] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6391] <... close resumed>) = 0 [pid 6380] <... open resumed>) = -1 EFAULT (Bad address) [pid 6391] mkdir("./file0", 0777 [pid 6380] exit_group(0 [pid 6391] <... mkdir resumed>) = 0 [pid 6380] <... exit_group resumed>) = ? [pid 6391] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6380] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6380, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 289.131893][ T6391] loop1: detected capacity change from 0 to 4096 [pid 5064] lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./107/binderfs") = 0 [ 289.182687][ T6391] NILFS (loop1): invalid segment: Checksum error in segment payload [ 289.203367][ T6391] NILFS (loop1): trying rollback from an earlier position [pid 5064] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6391] <... mount resumed>) = 0 [pid 6391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6391] chdir("./file0") = 0 [pid 6391] ioctl(4, LOOP_CLR_FD) = 0 [pid 6391] close(4) = 0 [pid 6391] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 289.266464][ T6391] NILFS (loop1): recovery complete [ 289.279997][ T6392] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6391] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6391] ftruncate(5, 33587195) = 0 [pid 6391] sendfile(4, 5, NULL, 281474978811909 [pid 6382] <... sendfile resumed>) = 1048576 [pid 6382] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6382] exit_group(0) = ? [pid 6382] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6382, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5069] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6383] <... sendfile resumed>) = 1048576 [pid 5069] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6383] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6383] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] lstat("./109/binderfs", [pid 6383] exit_group(0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6383] <... exit_group resumed>) = ? [pid 5069] unlink("./109/binderfs" [pid 6383] +++ exited with 0 +++ [pid 5069] <... unlink resumed>) = 0 [pid 5069] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6383, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5064] <... umount2 resumed>) = 0 [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./107/file0", [pid 5066] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... openat resumed>) = 4 [pid 5066] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] fstat(4, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./107/binderfs", [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] getdents64(4, [pid 5066] unlink("./107/binderfs" [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./107/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./107") = 0 [pid 5064] mkdir("./108", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6393 ./strace-static-x86_64: Process 6393 attached [pid 6393] chdir("./108") = 0 [pid 6393] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6393] setpgid(0, 0) = 0 [pid 6393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6393] write(3, "1000", 4) = 4 [pid 6393] close(3) = 0 [pid 6393] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6393] memfd_create("syzkaller", 0) = 3 [pid 6393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 6393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./109/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./109") = 0 [pid 5069] mkdir("./110", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6394 ./strace-static-x86_64: Process 6394 attached [pid 6394] chdir("./110") = 0 [pid 6394] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6394] setpgid(0, 0) = 0 [pid 6394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6384] <... sendfile resumed>) = 1048576 [pid 6394] write(3, "1000", 4) = 4 [pid 6394] close(3) = 0 [pid 6394] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6384] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6394] memfd_create("syzkaller", 0 [pid 6384] <... open resumed>) = -1 EFAULT (Bad address) [pid 6394] <... memfd_create resumed>) = 3 [pid 6384] exit_group(0 [pid 5066] <... umount2 resumed>) = 0 [pid 6394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6393] <... write resumed>) = 2097152 [pid 6384] <... exit_group resumed>) = ? [pid 5066] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6394] <... mmap resumed>) = 0x7fc0314e0000 [pid 6393] munmap(0x7fc0314e0000, 2097152 [pid 6384] +++ exited with 0 +++ [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6393] <... munmap resumed>) = 0 [pid 5066] lstat("./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6393] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6393] <... openat resumed>) = 4 [pid 5066] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6393] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... openat resumed>) = 4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6384, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(4, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] close(4) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5066] rmdir("./107/file0" [pid 5068] fstat(3, [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(3, [pid 5066] close(3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... close resumed>) = 0 [pid 5068] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] rmdir("./107" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5068] lstat("./108/binderfs", [pid 5066] mkdir("./108", 0777 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 6394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6393] <... ioctl resumed>) = 0 [pid 5068] unlink("./108/binderfs" [pid 5066] <... close resumed>) = 0 [pid 6393] close(3 [pid 5068] <... unlink resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6393] <... close resumed>) = 0 [pid 5068] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6393] mkdir("./file0", 0777) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6395 [pid 6393] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6395 attached [ 289.784183][ T6393] loop0: detected capacity change from 0 to 4096 [pid 6395] chdir("./108") = 0 [pid 6395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6395] setpgid(0, 0) = 0 [pid 6395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6395] write(3, "1000", 4) = 4 [pid 6395] close(3) = 0 [pid 6395] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6395] memfd_create("syzkaller", 0) = 3 [pid 6395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6394] <... write resumed>) = 2097152 [pid 6394] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6394] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 289.874771][ T6393] NILFS (loop0): invalid segment: Checksum error in segment payload [ 289.899486][ T6393] NILFS (loop0): trying rollback from an earlier position [pid 6394] ioctl(4, LOOP_SET_FD, 3 [pid 6395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6394] <... ioctl resumed>) = 0 [pid 6394] close(3) = 0 [pid 6394] mkdir("./file0", 0777) = 0 [pid 6394] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6388] <... sendfile resumed>) = 1048576 [ 289.933258][ T6394] loop5: detected capacity change from 0 to 4096 [pid 6388] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6388] exit_group(0) = ? [pid 6388] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6388, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5067] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6395] <... write resumed>) = 2097152 [pid 6393] <... mount resumed>) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 289.982126][ T6394] NILFS (loop5): invalid segment: Checksum error in segment payload [ 289.992582][ T6393] NILFS (loop0): recovery complete [pid 5067] lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./109/binderfs" [pid 6393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... unlink resumed>) = 0 [pid 6395] munmap(0x7fc0314e0000, 2097152 [pid 6393] <... openat resumed>) = 3 [pid 5067] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6395] <... munmap resumed>) = 0 [pid 6393] chdir("./file0") = 0 [pid 6393] ioctl(4, LOOP_CLR_FD) = 0 [pid 6393] close(4) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6393] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6395] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6393] <... open resumed>) = 4 [pid 6395] <... openat resumed>) = 4 [pid 6393] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6395] ioctl(4, LOOP_SET_FD, 3 [pid 6393] <... open resumed>) = 5 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6395] <... ioctl resumed>) = 0 [pid 6393] ftruncate(5, 33587195 [pid 5068] <... openat resumed>) = 4 [ 290.023382][ T6396] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 290.055307][ T6394] NILFS (loop5): trying rollback from an earlier position [pid 6395] close(3 [pid 6393] <... ftruncate resumed>) = 0 [pid 5068] fstat(4, [pid 6395] <... close resumed>) = 0 [pid 6393] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6395] mkdir("./file0", 0777 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6395] <... mkdir resumed>) = 0 [pid 5068] getdents64(4, [pid 6395] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./108/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./108") = 0 [pid 5068] mkdir("./109", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6397 ./strace-static-x86_64: Process 6397 attached [pid 6397] chdir("./109") = 0 [pid 6397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6397] setpgid(0, 0) = 0 [pid 6397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 290.087506][ T6395] loop2: detected capacity change from 0 to 4096 [pid 6397] write(3, "1000", 4) = 4 [pid 6397] close(3) = 0 [pid 6397] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6397] memfd_create("syzkaller", 0) = 3 [pid 6397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 290.167955][ T6395] NILFS (loop2): invalid segment: Checksum error in segment payload [ 290.195956][ T6394] NILFS (loop5): recovery complete [ 290.206146][ T6395] NILFS (loop2): trying rollback from an earlier position [pid 6397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6394] <... mount resumed>) = 0 [pid 6394] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6394] chdir("./file0") = 0 [pid 6394] ioctl(4, LOOP_CLR_FD) = 0 [pid 6394] close(4) = 0 [pid 6394] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6394] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6394] ftruncate(5, 33587195) = 0 [ 290.221675][ T6398] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6394] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, [pid 6397] <... write resumed>) = 2097152 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./109/file0") = 0 [pid 5067] getdents64(3, [ 290.341668][ T6395] NILFS (loop2): recovery complete [pid 6397] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6397] <... munmap resumed>) = 0 [pid 5067] close(3) = 0 [pid 6397] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] rmdir("./109" [pid 6397] <... openat resumed>) = 4 [pid 5067] <... rmdir resumed>) = 0 [pid 6397] ioctl(4, LOOP_SET_FD, 3 [pid 5067] mkdir("./110", 0777 [pid 6395] <... mount resumed>) = 0 [pid 6395] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6395] chdir("./file0") = 0 [pid 6395] ioctl(4, LOOP_CLR_FD) = 0 [pid 6395] close(4) = 0 [pid 6395] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6391] <... sendfile resumed>) = 1048576 [pid 6395] <... open resumed>) = 4 [pid 6391] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... mkdir resumed>) = 0 [pid 6395] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6391] <... open resumed>) = -1 EFAULT (Bad address) [pid 6395] ftruncate(5, 33587195 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6395] <... ftruncate resumed>) = 0 [pid 6391] exit_group(0 [pid 5067] <... openat resumed>) = 3 [pid 6395] sendfile(4, 5, NULL, 281474978811909 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6391] <... exit_group resumed>) = ? [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6391] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6391, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6400 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6400 attached [pid 6397] <... ioctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 290.371396][ T6399] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 290.391755][ T6397] loop4: detected capacity change from 0 to 4096 [pid 6400] chdir("./110" [pid 6397] close(3 [pid 5065] <... openat resumed>) = 3 [pid 6400] <... chdir resumed>) = 0 [pid 6397] <... close resumed>) = 0 [pid 5065] fstat(3, [pid 6400] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6397] mkdir("./file0", 0777 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6400] <... prctl resumed>) = 0 [pid 6397] <... mkdir resumed>) = 0 [pid 5065] getdents64(3, [pid 6400] setpgid(0, 0 [pid 6397] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6400] <... setpgid resumed>) = 0 [pid 5065] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./107/binderfs", [pid 6400] <... openat resumed>) = 3 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./107/binderfs" [pid 6400] write(3, "1000", 4) = 4 [pid 5065] <... unlink resumed>) = 0 [pid 6400] close(3) = 0 [pid 5065] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6400] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6400] memfd_create("syzkaller", 0) = 3 [pid 6400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 290.513891][ T6397] NILFS (loop4): invalid segment: Checksum error in segment payload [ 290.553346][ T6397] NILFS (loop4): trying rollback from an earlier position [pid 6400] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6400] munmap(0x7fc0314e0000, 2097152 [pid 6397] <... mount resumed>) = 0 [pid 6400] <... munmap resumed>) = 0 [pid 6397] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6400] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6397] <... openat resumed>) = 3 [pid 6397] chdir("./file0" [pid 6400] <... openat resumed>) = 4 [pid 6397] <... chdir resumed>) = 0 [pid 6400] ioctl(4, LOOP_SET_FD, 3 [pid 6397] ioctl(4, LOOP_CLR_FD) = 0 [ 290.616768][ T6397] NILFS (loop4): recovery complete [ 290.626088][ T6401] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6397] close(4) = 0 [pid 6397] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6397] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6400] <... ioctl resumed>) = 0 [pid 6400] close(3 [pid 6397] <... open resumed>) = 5 [pid 6400] <... close resumed>) = 0 [pid 6397] ftruncate(5, 33587195 [pid 5065] <... umount2 resumed>) = 0 [pid 6400] mkdir("./file0", 0777 [pid 6397] <... ftruncate resumed>) = 0 [pid 6400] <... mkdir resumed>) = 0 [pid 6397] sendfile(4, 5, NULL, 281474978811909 [pid 6400] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 290.674337][ T6400] loop3: detected capacity change from 0 to 4096 [pid 5065] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./107/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./107") = 0 [pid 5065] mkdir("./108", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 290.748249][ T6400] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6402 ./strace-static-x86_64: Process 6402 attached [pid 6402] chdir("./108") = 0 [pid 6402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6402] setpgid(0, 0) = 0 [ 290.795600][ T6400] NILFS (loop3): trying rollback from an earlier position [pid 6402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6402] write(3, "1000", 4) = 4 [pid 6402] close(3) = 0 [pid 6402] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6402] memfd_create("syzkaller", 0) = 3 [pid 6402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 290.866022][ T6400] NILFS (loop3): recovery complete [pid 6402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6400] <... mount resumed>) = 0 [pid 6400] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6400] chdir("./file0") = 0 [pid 6400] ioctl(4, LOOP_CLR_FD) = 0 [pid 6400] close(4) = 0 [pid 6400] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6400] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6400] ftruncate(5, 33587195) = 0 [ 290.920177][ T6403] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6400] sendfile(4, 5, NULL, 281474978811909 [pid 6402] <... write resumed>) = 2097152 [pid 6402] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6402] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6402] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6402] close(3) = 0 [pid 6402] mkdir("./file0", 0777) = 0 [ 291.055961][ T6402] loop1: detected capacity change from 0 to 4096 [ 291.156475][ T6402] NILFS (loop1): invalid segment: Checksum error in segment payload [ 291.164557][ T6402] NILFS (loop1): trying rollback from an earlier position [pid 6402] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6393] <... sendfile resumed>) = 1048576 [pid 6393] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6393] exit_group(0) = ? [pid 6402] <... mount resumed>) = 0 [pid 6393] +++ exited with 0 +++ [ 291.230666][ T6402] NILFS (loop1): recovery complete [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6393, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6402] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6402] chdir("./file0") = 0 [pid 5064] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6402] ioctl(4, LOOP_CLR_FD [pid 6395] <... sendfile resumed>) = 1048576 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6402] <... ioctl resumed>) = 0 [pid 6395] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6402] close(4 [pid 6395] <... open resumed>) = -1 EFAULT (Bad address) [pid 6402] <... close resumed>) = 0 [pid 6395] exit_group(0 [pid 5064] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6402] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6395] <... exit_group resumed>) = ? [pid 6402] <... open resumed>) = 4 [pid 6395] +++ exited with 0 +++ [pid 5064] <... openat resumed>) = 3 [pid 6402] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6402] ftruncate(5, 33587195 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6395, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5064] fstat(3, [pid 6402] <... ftruncate resumed>) = 0 [pid 5066] restart_syscall(<... resuming interrupted clone ...> [ 291.257877][ T6404] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6402] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6394] <... sendfile resumed>) = 1048576 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5064] getdents64(3, [pid 6394] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6394] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6394] exit_group(0 [pid 5066] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6394] <... exit_group resumed>) = ? [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./108/binderfs", [pid 6394] +++ exited with 0 +++ [pid 5066] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5064] unlink("./108/binderfs" [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6394, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5066] fstat(3, [pid 5064] <... unlink resumed>) = 0 [pid 5069] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(3, [pid 5069] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... openat resumed>) = 3 [pid 5066] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] lstat("./108/binderfs", [pid 5069] getdents64(3, [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] unlink("./108/binderfs" [pid 5069] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... unlink resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./110/binderfs") = 0 [pid 5069] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, [pid 5066] <... umount2 resumed>) = 0 [pid 5069] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] getdents64(4, [pid 5069] lstat("./110/file0", [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] lstat("./108/file0", [pid 5069] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] close(4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] rmdir("./108/file0" [pid 5069] <... openat resumed>) = 4 [pid 5066] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] fstat(4, [pid 5066] <... openat resumed>) = 4 [pid 5064] <... rmdir resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, [pid 5066] fstat(4, [pid 5064] getdents64(3, [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(4, [pid 5066] getdents64(4, [pid 5064] close(3 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... close resumed>) = 0 [pid 5066] getdents64(4, [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./110/file0" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] rmdir("./108" [pid 5069] <... rmdir resumed>) = 0 [pid 5066] close(4 [pid 5069] getdents64(3, [pid 5064] <... rmdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... close resumed>) = 0 [pid 5064] mkdir("./109", 0777 [pid 5069] close(3 [pid 5066] rmdir("./108/file0" [pid 5064] <... mkdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] rmdir("./110" [pid 5066] getdents64(3, [pid 5069] <... rmdir resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5069] mkdir("./111", 0777 [pid 5066] close(3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5069] <... mkdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] rmdir("./108" [pid 5064] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5066] <... rmdir resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] mkdir("./109", 0777 [pid 5064] <... close resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 5066] <... mkdir resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... openat resumed>) = 3 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6405 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6406 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 ./strace-static-x86_64: Process 6405 attached [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6406 attached [pid 6405] chdir("./109" [pid 6397] <... sendfile resumed>) = 1048576 [pid 6406] chdir("./111" [pid 6405] <... chdir resumed>) = 0 [pid 6397] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6406] <... chdir resumed>) = 0 [pid 6406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6406] setpgid(0, 0 [pid 6405] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6397] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6407 [pid 6406] <... setpgid resumed>) = 0 [pid 6405] <... prctl resumed>) = 0 [pid 6397] exit_group(0 [pid 6406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6405] setpgid(0, 0 [pid 6397] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6407 attached [pid 6406] <... openat resumed>) = 3 [pid 6405] <... setpgid resumed>) = 0 [pid 6406] write(3, "1000", 4 [pid 6397] +++ exited with 0 +++ [pid 6407] chdir("./109" [pid 6406] <... write resumed>) = 4 [pid 6405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6397, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6407] <... chdir resumed>) = 0 [pid 6406] close(3 [pid 6405] <... openat resumed>) = 3 [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6407] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6406] <... close resumed>) = 0 [pid 6405] write(3, "1000", 4 [pid 5068] <... restart_syscall resumed>) = 0 [pid 6407] <... prctl resumed>) = 0 [pid 6406] symlink("/dev/binderfs", "./binderfs" [pid 6405] <... write resumed>) = 4 [pid 6407] setpgid(0, 0 [pid 6406] <... symlink resumed>) = 0 [pid 6405] close(3 [pid 6407] <... setpgid resumed>) = 0 [pid 6406] memfd_create("syzkaller", 0 [pid 6405] <... close resumed>) = 0 [pid 5068] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6406] <... memfd_create resumed>) = 3 [pid 6405] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6407] <... openat resumed>) = 3 [pid 6406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6405] <... symlink resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6407] write(3, "1000", 4 [pid 6406] <... mmap resumed>) = 0x7fc0314e0000 [pid 6405] memfd_create("syzkaller", 0 [pid 5068] <... openat resumed>) = 3 [pid 6407] <... write resumed>) = 4 [pid 6405] <... memfd_create resumed>) = 3 [pid 5068] fstat(3, [pid 6407] close(3 [pid 6405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6407] <... close resumed>) = 0 [pid 6406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6405] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] getdents64(3, [pid 6407] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./109/binderfs") = 0 [pid 5068] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6407] <... symlink resumed>) = 0 [pid 6407] memfd_create("syzkaller", 0) = 3 [pid 6407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6406] <... write resumed>) = 2097152 [pid 6406] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6406] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6406] ioctl(4, LOOP_SET_FD, 3 [pid 6405] <... write resumed>) = 2097152 [pid 6407] <... write resumed>) = 2097152 [pid 6405] munmap(0x7fc0314e0000, 2097152 [pid 6407] munmap(0x7fc0314e0000, 2097152 [pid 6406] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6407] <... munmap resumed>) = 0 [pid 6406] close(3 [pid 6405] <... munmap resumed>) = 0 [pid 6407] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6406] <... close resumed>) = 0 [pid 6405] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6407] <... openat resumed>) = 4 [pid 6406] mkdir("./file0", 0777 [pid 6405] <... openat resumed>) = 4 [pid 6407] ioctl(4, LOOP_SET_FD, 3 [pid 6406] <... mkdir resumed>) = 0 [pid 6405] ioctl(4, LOOP_SET_FD, 3 [ 291.961580][ T6406] loop5: detected capacity change from 0 to 4096 [pid 6406] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6407] <... ioctl resumed>) = 0 [pid 6405] <... ioctl resumed>) = 0 [pid 6407] close(3 [pid 6405] close(3 [pid 6407] <... close resumed>) = 0 [pid 6405] <... close resumed>) = 0 [pid 6407] mkdir("./file0", 0777 [pid 6405] mkdir("./file0", 0777 [pid 6407] <... mkdir resumed>) = 0 [pid 6407] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6405] <... mkdir resumed>) = 0 [pid 6405] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, [pid 6400] <... sendfile resumed>) = 1048576 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6400] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] getdents64(4, [pid 6400] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6400] exit_group(0 [pid 5068] close(4 [pid 6400] <... exit_group resumed>) = ? [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./109/file0" [pid 6400] +++ exited with 0 +++ [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6400, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} --- [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5067] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./109" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... rmdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] mkdir("./110", 0777 [pid 5067] <... openat resumed>) = 3 [pid 5068] <... mkdir resumed>) = 0 [pid 5067] fstat(3, [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... openat resumed>) = 3 [ 292.022610][ T6407] loop2: detected capacity change from 0 to 4096 [ 292.029567][ T6405] loop0: detected capacity change from 0 to 4096 [ 292.042535][ T6406] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5067] getdents64(3, [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... close resumed>) = 0 [pid 5067] lstat("./110/binderfs", [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./110/binderfs" [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6408 [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6408 attached [pid 6408] chdir("./110") = 0 [pid 6408] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6408] setpgid(0, 0) = 0 [pid 6408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6408] write(3, "1000", 4) = 4 [pid 6408] close(3) = 0 [pid 6408] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6408] memfd_create("syzkaller", 0 [pid 6402] <... sendfile resumed>) = 1048576 [pid 6408] <... memfd_create resumed>) = 3 [pid 6402] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6402] <... open resumed>) = -1 EFAULT (Bad address) [pid 6408] <... mmap resumed>) = 0x7fc0314e0000 [pid 6402] exit_group(0) = ? [pid 6402] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6402, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 292.100124][ T6405] NILFS (loop0): invalid segment: Checksum error in segment payload [ 292.108975][ T6407] NILFS (loop2): invalid segment: Checksum error in segment payload [ 292.122936][ T6406] NILFS (loop5): trying rollback from an earlier position [ 292.130999][ T6405] NILFS (loop0): trying rollback from an earlier position [ 292.138893][ T6407] NILFS (loop2): trying rollback from an earlier position [pid 5065] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./108/binderfs") = 0 [pid 5065] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 292.184847][ T6406] NILFS (loop5): recovery complete [pid 6408] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6407] <... mount resumed>) = 0 [pid 6407] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6406] <... mount resumed>) = 0 [pid 6407] <... openat resumed>) = 3 [pid 6406] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 292.214926][ T6405] NILFS (loop0): recovery complete [ 292.220932][ T6407] NILFS (loop2): recovery complete [ 292.232957][ T6410] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 292.244145][ T6409] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6407] chdir("./file0" [pid 6406] <... openat resumed>) = 3 [pid 6407] <... chdir resumed>) = 0 [pid 6406] chdir("./file0" [pid 6405] <... mount resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 6407] ioctl(4, LOOP_CLR_FD [pid 6406] <... chdir resumed>) = 0 [pid 6405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6407] <... ioctl resumed>) = 0 [pid 6406] ioctl(4, LOOP_CLR_FD [pid 6405] <... openat resumed>) = 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6407] close(4 [pid 6406] <... ioctl resumed>) = 0 [pid 6405] chdir("./file0" [pid 6407] <... close resumed>) = 0 [pid 6406] close(4 [pid 6405] <... chdir resumed>) = 0 [pid 5067] lstat("./110/file0", [pid 5065] <... umount2 resumed>) = 0 [pid 6407] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6406] <... close resumed>) = 0 [pid 6405] ioctl(4, LOOP_CLR_FD [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6407] <... open resumed>) = 4 [pid 6406] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6405] <... ioctl resumed>) = 0 [pid 5067] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6407] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6406] <... open resumed>) = 4 [pid 6405] close(4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./108/file0", [pid 6407] <... open resumed>) = 5 [ 292.259146][ T6411] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6406] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6405] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6407] ftruncate(5, 33587195 [pid 6406] <... open resumed>) = 5 [pid 6405] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... openat resumed>) = 4 [pid 5065] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6407] <... ftruncate resumed>) = 0 [pid 6406] ftruncate(5, 33587195 [pid 6405] <... open resumed>) = 4 [pid 5067] fstat(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6407] sendfile(4, 5, NULL, 281474978811909 [pid 6406] <... ftruncate resumed>) = 0 [pid 6405] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6406] sendfile(4, 5, NULL, 281474978811909 [pid 6405] <... open resumed>) = 5 [pid 5067] getdents64(4, [pid 5065] <... openat resumed>) = 4 [pid 6405] ftruncate(5, 33587195 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] fstat(4, [pid 6408] <... write resumed>) = 2097152 [pid 6405] <... ftruncate resumed>) = 0 [pid 5067] getdents64(4, [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6405] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] getdents64(4, [pid 6408] munmap(0x7fc0314e0000, 2097152 [pid 5067] close(4 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6408] <... munmap resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5065] getdents64(4, [pid 5067] rmdir("./110/file0" [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6408] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] <... rmdir resumed>) = 0 [pid 5065] close(4 [pid 5067] getdents64(3, [pid 5065] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] rmdir("./108/file0" [pid 6408] <... openat resumed>) = 4 [pid 5067] close(3 [pid 5065] <... rmdir resumed>) = 0 [pid 6408] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... close resumed>) = 0 [pid 5065] getdents64(3, [pid 5067] rmdir("./110" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] close(3 [pid 5067] mkdir("./111", 0777 [pid 5065] <... close resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] rmdir("./108" [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5065] mkdir("./109", 0777 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] <... mkdir resumed>) = 0 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] close(3 [pid 5065] <... openat resumed>) = 3 [pid 5067] <... close resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] close(3 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6412 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6408] <... ioctl resumed>) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6413 ./strace-static-x86_64: Process 6412 attached [pid 6408] close(3 [pid 6412] chdir("./111") = 0 [pid 6412] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6412] setpgid(0, 0) = 0 [pid 6408] <... close resumed>) = 0 [pid 6412] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6408] mkdir("./file0", 0777./strace-static-x86_64: Process 6413 attached [pid 6412] <... openat resumed>) = 3 [pid 6412] write(3, "1000", 4 [pid 6408] <... mkdir resumed>) = 0 [pid 6413] chdir("./109" [pid 6412] <... write resumed>) = 4 [pid 6408] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6413] <... chdir resumed>) = 0 [pid 6412] close(3 [pid 6413] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6412] <... close resumed>) = 0 [pid 6412] symlink("/dev/binderfs", "./binderfs" [pid 6413] <... prctl resumed>) = 0 [pid 6413] setpgid(0, 0 [pid 6412] <... symlink resumed>) = 0 [pid 6413] <... setpgid resumed>) = 0 [ 292.392127][ T6408] loop4: detected capacity change from 0 to 4096 [pid 6412] memfd_create("syzkaller", 0 [pid 6413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6412] <... memfd_create resumed>) = 3 [pid 6413] <... openat resumed>) = 3 [pid 6412] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6413] write(3, "1000", 4 [pid 6412] <... mmap resumed>) = 0x7fc0314e0000 [pid 6413] <... write resumed>) = 4 [pid 6413] close(3) = 0 [pid 6413] symlink("/dev/binderfs", "./binderfs" [pid 6412] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6413] <... symlink resumed>) = 0 [pid 6413] memfd_create("syzkaller", 0) = 3 [pid 6413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 292.474147][ T6408] NILFS (loop4): invalid segment: Checksum error in segment payload [ 292.537659][ T6408] NILFS (loop4): trying rollback from an earlier position [pid 6413] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6412] <... write resumed>) = 2097152 [ 292.621164][ T6408] NILFS (loop4): recovery complete [pid 6408] <... mount resumed>) = 0 [pid 6408] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6413] <... write resumed>) = 2097152 [pid 6412] munmap(0x7fc0314e0000, 2097152 [pid 6408] <... openat resumed>) = 3 [pid 6413] munmap(0x7fc0314e0000, 2097152 [pid 6412] <... munmap resumed>) = 0 [pid 6408] chdir("./file0" [pid 6413] <... munmap resumed>) = 0 [pid 6412] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6408] <... chdir resumed>) = 0 [pid 6413] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6412] <... openat resumed>) = 4 [pid 6408] ioctl(4, LOOP_CLR_FD [pid 6413] <... openat resumed>) = 4 [ 292.648399][ T6414] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6412] ioctl(4, LOOP_SET_FD, 3 [pid 6408] <... ioctl resumed>) = 0 [pid 6413] ioctl(4, LOOP_SET_FD, 3 [pid 6408] close(4 [pid 6413] <... ioctl resumed>) = 0 [pid 6408] <... close resumed>) = 0 [pid 6412] <... ioctl resumed>) = 0 [pid 6408] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6413] close(3 [pid 6412] close(3 [pid 6408] <... open resumed>) = 4 [pid 6413] <... close resumed>) = 0 [pid 6412] <... close resumed>) = 0 [pid 6408] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6413] mkdir("./file0", 0777 [pid 6412] mkdir("./file0", 0777 [pid 6408] <... open resumed>) = 5 [pid 6413] <... mkdir resumed>) = 0 [pid 6412] <... mkdir resumed>) = 0 [pid 6408] ftruncate(5, 33587195 [pid 6413] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6412] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6408] <... ftruncate resumed>) = 0 [ 292.705146][ T6412] loop3: detected capacity change from 0 to 4096 [ 292.717792][ T6413] loop1: detected capacity change from 0 to 4096 [ 292.799317][ T6412] NILFS (loop3): invalid segment: Checksum error in segment payload [ 292.810420][ T6413] NILFS (loop1): invalid segment: Checksum error in segment payload [ 292.823420][ T6412] NILFS (loop3): trying rollback from an earlier position [ 292.832315][ T6413] NILFS (loop1): trying rollback from an earlier position [pid 6408] sendfile(4, 5, NULL, 281474978811909 [pid 6413] <... mount resumed>) = 0 [pid 6413] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6413] chdir("./file0") = 0 [pid 6413] ioctl(4, LOOP_CLR_FD) = 0 [pid 6413] close(4) = 0 [ 292.896095][ T6413] NILFS (loop1): recovery complete [ 292.903160][ T6412] NILFS (loop3): recovery complete [ 292.911358][ T6415] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 292.936038][ T6416] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6413] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6412] <... mount resumed>) = 0 [pid 6413] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6412] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6413] <... open resumed>) = 5 [pid 6412] <... openat resumed>) = 3 [pid 6413] ftruncate(5, 33587195 [pid 6412] chdir("./file0" [pid 6413] <... ftruncate resumed>) = 0 [pid 6412] <... chdir resumed>) = 0 [pid 6413] sendfile(4, 5, NULL, 281474978811909 [pid 6412] ioctl(4, LOOP_CLR_FD) = 0 [pid 6412] close(4) = 0 [pid 6412] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6412] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6412] ftruncate(5, 33587195) = 0 [pid 6412] sendfile(4, 5, NULL, 281474978811909 [pid 6407] <... sendfile resumed>) = 1048576 [pid 6407] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6407] exit_group(0) = ? [pid 6407] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6407, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5066] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./109/binderfs") = 0 [pid 5066] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6406] <... sendfile resumed>) = 1048576 [pid 6406] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6406] exit_group(0) = ? [pid 6406] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6406, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./111/binderfs", [pid 6405] <... sendfile resumed>) = 1048576 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6405] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] unlink("./111/binderfs" [pid 6405] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... unlink resumed>) = 0 [pid 6405] exit_group(0 [pid 5069] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6405] <... exit_group resumed>) = ? [pid 6405] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6405, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./109/binderfs") = 0 [pid 5064] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./109/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./109") = 0 [pid 5066] mkdir("./110", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6417 ./strace-static-x86_64: Process 6417 attached [pid 6417] chdir("./110") = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 6417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6417] setpgid(0, 0 [pid 5069] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6417] <... setpgid resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] lstat("./111/file0", [pid 6417] <... openat resumed>) = 3 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6417] write(3, "1000", 4 [pid 5069] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6417] <... write resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6417] close(3 [pid 5069] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6417] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 6417] symlink("/dev/binderfs", "./binderfs" [pid 5069] fstat(4, [pid 6417] <... symlink resumed>) = 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 6417] memfd_create("syzkaller", 0 [pid 5069] getdents64(4, [pid 6417] <... memfd_create resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] getdents64(4, [pid 6417] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5064] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./111/file0" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5064] lstat("./109/file0", [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... close resumed>) = 0 [pid 5064] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./111" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] mkdir("./112", 0777 [pid 5064] <... openat resumed>) = 4 [pid 5069] <... mkdir resumed>) = 0 [pid 5064] fstat(4, [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5064] getdents64(4, [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] getdents64(4, [pid 5069] close(3 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... close resumed>) = 0 [pid 5064] close(4 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./109/file0" [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6418 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] close(3) = 0 ./strace-static-x86_64: Process 6418 attached [pid 5064] rmdir("./109" [pid 6418] chdir("./112" [pid 5064] <... rmdir resumed>) = 0 [pid 6418] <... chdir resumed>) = 0 [pid 5064] mkdir("./110", 0777 [pid 6418] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... mkdir resumed>) = 0 [pid 6418] <... prctl resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6418] setpgid(0, 0 [pid 5064] <... openat resumed>) = 3 [pid 6418] <... setpgid resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6418] <... openat resumed>) = 3 [pid 5064] close(3 [pid 6418] write(3, "1000", 4 [pid 5064] <... close resumed>) = 0 [pid 6418] <... write resumed>) = 4 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6418] close(3) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6419 [pid 6418] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6418] memfd_create("syzkaller", 0) = 3 [pid 6418] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6419 attached ) = 0x7fc0314e0000 [pid 6419] chdir("./110" [pid 6408] <... sendfile resumed>) = 1048576 [pid 6419] <... chdir resumed>) = 0 [pid 6419] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6419] setpgid(0, 0) = 0 [pid 6419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6408] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6419] <... openat resumed>) = 3 [pid 6408] <... open resumed>) = -1 EFAULT (Bad address) [pid 6419] write(3, "1000", 4 [pid 6408] exit_group(0 [pid 6419] <... write resumed>) = 4 [pid 6418] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6417] <... write resumed>) = 2097152 [pid 6408] <... exit_group resumed>) = ? [pid 6419] close(3 [pid 6417] munmap(0x7fc0314e0000, 2097152 [pid 6408] +++ exited with 0 +++ [pid 6419] <... close resumed>) = 0 [pid 6419] symlink("/dev/binderfs", "./binderfs" [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6408, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6419] <... symlink resumed>) = 0 [pid 6417] <... munmap resumed>) = 0 [pid 5068] <... restart_syscall resumed>) = 0 [pid 6417] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6419] memfd_create("syzkaller", 0 [pid 6417] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6417] ioctl(4, LOOP_SET_FD, 3 [pid 5068] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6419] <... memfd_create resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5068] fstat(3, [pid 6419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 6417] <... ioctl resumed>) = 0 [pid 6417] close(3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6417] <... close resumed>) = 0 [pid 5068] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6419] <... mmap resumed>) = 0x7fc0314e0000 [pid 6417] mkdir("./file0", 0777 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./110/binderfs" [pid 6417] <... mkdir resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 293.892510][ T6417] loop2: detected capacity change from 0 to 4096 [ 293.928043][ T6417] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6417] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6419] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6418] <... write resumed>) = 2097152 [pid 6418] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6418] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6418] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6418] close(3) = 0 [pid 6418] mkdir("./file0", 0777) = 0 [ 293.944198][ T6417] NILFS (loop2): trying rollback from an earlier position [ 293.979267][ T6418] loop5: detected capacity change from 0 to 4096 [pid 6418] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6419] <... write resumed>) = 2097152 [ 294.024959][ T6417] NILFS (loop2): recovery complete [pid 6419] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6419] ioctl(4, LOOP_SET_FD, 3 [pid 6417] <... mount resumed>) = 0 [pid 6417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6417] chdir("./file0") = 0 [pid 6417] ioctl(4, LOOP_CLR_FD) = 0 [pid 6417] close(4) = 0 [pid 6419] <... ioctl resumed>) = 0 [pid 6417] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6419] close(3 [pid 6417] <... open resumed>) = 4 [pid 6417] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6419] <... close resumed>) = 0 [pid 6417] <... open resumed>) = 5 [pid 6417] ftruncate(5, 33587195) = 0 [ 294.051860][ T6418] NILFS (loop5): invalid segment: Checksum error in segment payload [ 294.080479][ T6419] loop0: detected capacity change from 0 to 4096 [ 294.086806][ T6420] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6419] mkdir("./file0", 0777 [pid 6417] sendfile(4, 5, NULL, 281474978811909 [pid 6419] <... mkdir resumed>) = 0 [pid 6419] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6412] <... sendfile resumed>) = 1048576 [pid 5068] <... openat resumed>) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6412] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] getdents64(4, [pid 6412] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6413] <... sendfile resumed>) = 1048576 [pid 5068] getdents64(4, [pid 6412] exit_group(0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6413] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6412] <... exit_group resumed>) = ? [pid 6413] <... open resumed>) = -1 EFAULT (Bad address) [pid 6413] exit_group(0) = ? [pid 6413] +++ exited with 0 +++ [pid 6412] +++ exited with 0 +++ [pid 5068] close(4) = 0 [pid 5068] rmdir("./110/file0" [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6412, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6413, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5067] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5065] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] rmdir("./110" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... rmdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 294.125004][ T6418] NILFS (loop5): trying rollback from an earlier position [pid 5068] mkdir("./111", 0777 [pid 5067] <... openat resumed>) = 3 [pid 5068] <... mkdir resumed>) = 0 [pid 5067] fstat(3, [pid 5065] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5065] fstat(3, [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5067] getdents64(3, [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] getdents64(3, [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6421 [pid 5067] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./111/binderfs", [pid 5065] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] unlink("./111/binderfs" [pid 5065] lstat("./109/binderfs", [pid 5067] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6421 attached [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] unlink("./109/binderfs" [pid 6421] chdir("./111") = 0 [pid 5065] <... unlink resumed>) = 0 [pid 6421] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6421] <... prctl resumed>) = 0 [pid 6421] setpgid(0, 0) = 0 [pid 6421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6421] write(3, "1000", 4) = 4 [pid 6421] close(3) = 0 [ 294.173435][ T6419] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6421] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6421] memfd_create("syzkaller", 0) = 3 [pid 6421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6418] <... mount resumed>) = 0 [pid 6418] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6418] chdir("./file0") = 0 [pid 6418] ioctl(4, LOOP_CLR_FD) = 0 [ 294.217280][ T6418] NILFS (loop5): recovery complete [ 294.227004][ T6419] NILFS (loop0): trying rollback from an earlier position [ 294.255633][ T6422] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6418] close(4) = 0 [pid 6421] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6419] <... mount resumed>) = 0 [pid 6418] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6419] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6418] <... open resumed>) = 4 [pid 6419] <... openat resumed>) = 3 [pid 6418] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6419] chdir("./file0" [pid 6418] <... open resumed>) = 5 [pid 6419] <... chdir resumed>) = 0 [pid 6418] ftruncate(5, 33587195 [pid 6419] ioctl(4, LOOP_CLR_FD [pid 6418] <... ftruncate resumed>) = 0 [pid 6419] <... ioctl resumed>) = 0 [pid 6418] sendfile(4, 5, NULL, 281474978811909 [pid 6419] close(4) = 0 [pid 6419] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6419] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6419] ftruncate(5, 33587195) = 0 [ 294.275783][ T6419] NILFS (loop0): recovery complete [ 294.289919][ T6423] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6419] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4 [pid 6421] <... write resumed>) = 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6421] munmap(0x7fc0314e0000, 2097152 [pid 5065] rmdir("./109/file0") = 0 [pid 6421] <... munmap resumed>) = 0 [pid 5065] getdents64(3, [pid 6421] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6421] ioctl(4, LOOP_SET_FD, 3 [pid 5065] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... close resumed>) = 0 [pid 5067] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./111/file0") = 0 [pid 5065] rmdir("./109" [pid 5067] getdents64(3, [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5065] mkdir("./110", 0777 [pid 6421] <... ioctl resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 6421] close(3 [pid 5067] rmdir("./111" [pid 5065] <... mkdir resumed>) = 0 [pid 6421] <... close resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 6421] mkdir("./file0", 0777 [pid 5067] mkdir("./112", 0777 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6421] <... mkdir resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6421] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] close(3 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... close resumed>) = 0 [pid 5065] close(3 [ 294.474977][ T6421] loop4: detected capacity change from 0 to 4096 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... close resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6424 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6424 attached , child_tidptr=0x555556c965d0) = 6425 [pid 6424] chdir("./112") = 0 ./strace-static-x86_64: Process 6425 attached [pid 6424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6425] chdir("./110" [pid 6424] setpgid(0, 0 [pid 6425] <... chdir resumed>) = 0 [pid 6424] <... setpgid resumed>) = 0 [pid 6425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6425] setpgid(0, 0 [pid 6424] <... openat resumed>) = 3 [pid 6425] <... setpgid resumed>) = 0 [pid 6424] write(3, "1000", 4) = 4 [pid 6425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6424] close(3 [pid 6425] <... openat resumed>) = 3 [pid 6424] <... close resumed>) = 0 [pid 6425] write(3, "1000", 4 [pid 6424] symlink("/dev/binderfs", "./binderfs" [pid 6425] <... write resumed>) = 4 [pid 6424] <... symlink resumed>) = 0 [pid 6425] close(3 [pid 6424] memfd_create("syzkaller", 0 [pid 6425] <... close resumed>) = 0 [pid 6424] <... memfd_create resumed>) = 3 [pid 6424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 294.552768][ T6421] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6425] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6424] <... mmap resumed>) = 0x7fc0314e0000 [pid 6425] memfd_create("syzkaller", 0) = 3 [pid 6425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 294.611021][ T6421] NILFS (loop4): trying rollback from an earlier position [pid 6424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6425] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6424] <... write resumed>) = 2097152 [ 294.709856][ T6421] NILFS (loop4): recovery complete [pid 6424] munmap(0x7fc0314e0000, 2097152 [pid 6425] <... write resumed>) = 2097152 [pid 6425] munmap(0x7fc0314e0000, 2097152 [pid 6424] <... munmap resumed>) = 0 [pid 6424] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6425] <... munmap resumed>) = 0 [pid 6424] <... openat resumed>) = 4 [pid 6425] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6424] ioctl(4, LOOP_SET_FD, 3 [pid 6421] <... mount resumed>) = 0 [pid 6425] <... openat resumed>) = 4 [pid 6421] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6425] ioctl(4, LOOP_SET_FD, 3 [pid 6421] <... openat resumed>) = 3 [pid 6421] chdir("./file0") = 0 [pid 6424] <... ioctl resumed>) = 0 [pid 6421] ioctl(4, LOOP_CLR_FD [pid 6424] close(3) = 0 [pid 6421] <... ioctl resumed>) = 0 [pid 6424] mkdir("./file0", 0777 [pid 6421] close(4 [pid 6424] <... mkdir resumed>) = 0 [pid 6421] <... close resumed>) = 0 [pid 6424] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6421] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6421] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6421] ftruncate(5, 33587195) = 0 [pid 6421] sendfile(4, 5, NULL, 281474978811909 [pid 6425] <... ioctl resumed>) = 0 [pid 6425] close(3) = 0 [ 294.780305][ T6426] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 294.791985][ T6424] loop3: detected capacity change from 0 to 4096 [ 294.800748][ T6425] loop1: detected capacity change from 0 to 4096 [pid 6425] mkdir("./file0", 0777) = 0 [ 294.875885][ T6424] NILFS (loop3): invalid segment: Checksum error in segment payload [ 294.891311][ T6425] NILFS (loop1): invalid segment: Checksum error in segment payload [ 294.908917][ T6424] NILFS (loop3): trying rollback from an earlier position [ 294.940936][ T6425] NILFS (loop1): trying rollback from an earlier position [ 295.012215][ T6424] NILFS (loop3): recovery complete [ 295.014335][ T6425] NILFS (loop1): recovery complete [pid 6425] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6424] <... mount resumed>) = 0 [pid 6424] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6424] chdir("./file0") = 0 [pid 6424] ioctl(4, LOOP_CLR_FD [pid 6425] <... mount resumed>) = 0 [pid 6424] <... ioctl resumed>) = 0 [pid 6425] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6424] close(4 [pid 6425] <... openat resumed>) = 3 [pid 6424] <... close resumed>) = 0 [pid 6424] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6425] chdir("./file0") = 0 [pid 6424] <... open resumed>) = 4 [pid 6424] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6425] ioctl(4, LOOP_CLR_FD) = 0 [pid 6424] <... open resumed>) = 5 [pid 6425] close(4 [pid 6424] ftruncate(5, 33587195 [pid 6425] <... close resumed>) = 0 [pid 6424] <... ftruncate resumed>) = 0 [pid 6425] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6424] sendfile(4, 5, NULL, 281474978811909 [pid 6425] <... open resumed>) = 4 [pid 6425] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6425] ftruncate(5, 33587195) = 0 [ 295.052226][ T6427] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 295.075684][ T6428] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6425] sendfile(4, 5, NULL, 281474978811909 [pid 6417] <... sendfile resumed>) = 1048576 [pid 6417] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6417] exit_group(0) = ? [pid 6417] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6417, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./110/binderfs") = 0 [pid 5066] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6418] <... sendfile resumed>) = 1048576 [pid 6418] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6418] exit_group(0) = ? [pid 6418] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6418, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5069] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./112/binderfs") = 0 [pid 5069] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6419] <... sendfile resumed>) = 1048576 [pid 6419] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6419] exit_group(0) = ? [pid 6419] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6419, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5064] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5064] unlink("./110/binderfs") = 0 [pid 5064] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5066] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./110/file0", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] lstat("./112/file0", [pid 5066] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 4 [pid 5069] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] fstat(4, [pid 5069] <... openat resumed>) = 4 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] fstat(4, [pid 5066] getdents64(4, [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 5066] getdents64(4, [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(4, [pid 5066] close(4 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... close resumed>) = 0 [pid 5069] close(4 [pid 5066] rmdir("./110/file0" [pid 5069] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5069] rmdir("./112/file0" [pid 5066] getdents64(3, [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5069] close(3 [pid 5066] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] rmdir("./110" [pid 5069] rmdir("./112" [pid 5066] <... rmdir resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5066] mkdir("./111", 0777 [pid 5069] mkdir("./113", 0777 [pid 5066] <... mkdir resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 5069] close(3 [pid 5066] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6429 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6430 ./strace-static-x86_64: Process 6429 attached ./strace-static-x86_64: Process 6430 attached [pid 6429] chdir("./111" [pid 6430] chdir("./113" [pid 6429] <... chdir resumed>) = 0 [pid 6430] <... chdir resumed>) = 0 [pid 6429] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6430] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6429] <... prctl resumed>) = 0 [pid 6430] <... prctl resumed>) = 0 [pid 6429] setpgid(0, 0 [pid 6430] setpgid(0, 0 [pid 6429] <... setpgid resumed>) = 0 [pid 6430] <... setpgid resumed>) = 0 [pid 6429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6429] <... openat resumed>) = 3 [pid 6430] <... openat resumed>) = 3 [pid 6429] write(3, "1000", 4 [pid 6430] write(3, "1000", 4 [pid 6429] <... write resumed>) = 4 [pid 6421] <... sendfile resumed>) = 1048576 [pid 6430] <... write resumed>) = 4 [pid 6429] close(3 [pid 6421] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6430] close(3 [pid 6429] <... close resumed>) = 0 [pid 6421] <... open resumed>) = -1 EFAULT (Bad address) [pid 6430] <... close resumed>) = 0 [pid 6429] symlink("/dev/binderfs", "./binderfs" [pid 6421] exit_group(0 [pid 6430] symlink("/dev/binderfs", "./binderfs" [pid 6429] <... symlink resumed>) = 0 [pid 6421] <... exit_group resumed>) = ? [pid 6430] <... symlink resumed>) = 0 [pid 6429] memfd_create("syzkaller", 0 [pid 6430] memfd_create("syzkaller", 0 [pid 6429] <... memfd_create resumed>) = 3 [pid 6421] +++ exited with 0 +++ [pid 6430] <... memfd_create resumed>) = 3 [pid 6429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6429] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6421, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 6430] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./111/binderfs") = 0 [pid 5068] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6429] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./110/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./110") = 0 [pid 5064] mkdir("./111", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6431 ./strace-static-x86_64: Process 6431 attached [pid 6431] chdir("./111") = 0 [pid 6429] <... write resumed>) = 2097152 [pid 6431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6429] munmap(0x7fc0314e0000, 2097152 [pid 6431] setpgid(0, 0 [pid 6429] <... munmap resumed>) = 0 [pid 6431] <... setpgid resumed>) = 0 [pid 6430] <... write resumed>) = 2097152 [pid 6429] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6429] <... openat resumed>) = 4 [pid 6431] <... openat resumed>) = 3 [pid 6429] ioctl(4, LOOP_SET_FD, 3 [pid 6431] write(3, "1000", 4 [pid 6430] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6430] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6430] ioctl(4, LOOP_SET_FD, 3 [pid 6431] <... write resumed>) = 4 [pid 6430] <... ioctl resumed>) = 0 [pid 6429] <... ioctl resumed>) = 0 [pid 6431] close(3 [pid 6429] close(3 [pid 6431] <... close resumed>) = 0 [pid 6429] <... close resumed>) = 0 [pid 6431] symlink("/dev/binderfs", "./binderfs" [pid 6429] mkdir("./file0", 0777 [pid 6431] <... symlink resumed>) = 0 [pid 6431] memfd_create("syzkaller", 0 [pid 6429] <... mkdir resumed>) = 0 [pid 6431] <... memfd_create resumed>) = 3 [pid 6429] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6430] close(3) = 0 [pid 6430] mkdir("./file0", 0777) = 0 [pid 6430] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... umount2 resumed>) = 0 [ 295.976841][ T6429] loop2: detected capacity change from 0 to 4096 [ 295.987447][ T6430] loop5: detected capacity change from 0 to 4096 [pid 5068] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6425] <... sendfile resumed>) = 1048576 [pid 5068] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6425] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6425] <... open resumed>) = -1 EFAULT (Bad address) [pid 6431] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6425] exit_group(0 [pid 5068] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6425] <... exit_group resumed>) = ? [pid 5068] <... openat resumed>) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, [pid 6425] +++ exited with 0 +++ [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6425, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [ 296.044244][ T6430] NILFS (loop5): invalid segment: Checksum error in segment payload [ 296.052245][ T6429] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5065] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./111/file0" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... rmdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] getdents64(3, [pid 5065] <... openat resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] fstat(3, [pid 5068] close(3 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... close resumed>) = 0 [pid 5065] getdents64(3, [pid 5068] rmdir("./111" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] <... rmdir resumed>) = 0 [pid 5065] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] mkdir("./112", 0777 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... mkdir resumed>) = 0 [pid 5065] lstat("./110/binderfs", [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5065] unlink("./110/binderfs" [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5065] <... unlink resumed>) = 0 [pid 6431] <... write resumed>) = 2097152 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 296.095571][ T6429] NILFS (loop2): trying rollback from an earlier position [ 296.102386][ T6430] NILFS (loop5): trying rollback from an earlier position [ 296.133751][ T6429] NILFS (loop2): recovery complete [pid 5065] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6431] munmap(0x7fc0314e0000, 2097152 [pid 5068] close(3 [pid 6431] <... munmap resumed>) = 0 [pid 6429] <... mount resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6431] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6429] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6424] <... sendfile resumed>) = 1048576 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6431] <... openat resumed>) = 4 [pid 6429] <... openat resumed>) = 3 [pid 6424] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY./strace-static-x86_64: Process 6434 attached [pid 6431] ioctl(4, LOOP_SET_FD, 3 [pid 6429] chdir("./file0" [pid 6424] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6434 [pid 6431] <... ioctl resumed>) = 0 [pid 6434] chdir("./112" [pid 6431] close(3 [pid 6430] <... mount resumed>) = 0 [pid 6429] <... chdir resumed>) = 0 [pid 6424] exit_group(0 [pid 6434] <... chdir resumed>) = 0 [pid 6431] <... close resumed>) = 0 [pid 6430] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6429] ioctl(4, LOOP_CLR_FD [pid 6424] <... exit_group resumed>) = ? [pid 6434] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6431] mkdir("./file0", 0777 [pid 6430] <... openat resumed>) = 3 [pid 6429] <... ioctl resumed>) = 0 [pid 6434] <... prctl resumed>) = 0 [pid 6430] chdir("./file0" [pid 6424] +++ exited with 0 +++ [pid 6434] setpgid(0, 0 [pid 6431] <... mkdir resumed>) = 0 [pid 6430] <... chdir resumed>) = 0 [pid 6429] close(4 [pid 6434] <... setpgid resumed>) = 0 [pid 6431] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6430] ioctl(4, LOOP_CLR_FD [pid 6429] <... close resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6424, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 6434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6430] <... ioctl resumed>) = 0 [pid 6429] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 6430] close(4 [pid 6434] <... openat resumed>) = 3 [pid 5067] <... restart_syscall resumed>) = 0 [pid 6434] write(3, "1000", 4 [pid 6430] <... close resumed>) = 0 [pid 6429] <... open resumed>) = 4 [pid 6434] <... write resumed>) = 4 [pid 6430] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6429] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6434] close(3 [pid 5067] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6434] <... close resumed>) = 0 [pid 6429] <... open resumed>) = 5 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6430] <... open resumed>) = 4 [pid 6434] symlink("/dev/binderfs", "./binderfs" [pid 6430] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6429] ftruncate(5, 33587195 [pid 5067] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6434] <... symlink resumed>) = 0 [pid 6430] <... open resumed>) = 5 [pid 6429] <... ftruncate resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 6434] memfd_create("syzkaller", 0 [pid 6430] ftruncate(5, 33587195 [ 296.156399][ T6430] NILFS (loop5): recovery complete [ 296.162660][ T6432] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 296.185781][ T6431] loop0: detected capacity change from 0 to 4096 [ 296.192776][ T6433] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6429] sendfile(4, 5, NULL, 281474978811909 [pid 5067] fstat(3, [pid 6434] <... memfd_create resumed>) = 3 [pid 6430] <... ftruncate resumed>) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6430] sendfile(4, 5, NULL, 281474978811909 [pid 6434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] getdents64(3, [pid 6434] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./112/binderfs") = 0 [pid 5067] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./110/file0") = 0 [ 296.280281][ T6431] NILFS (loop0): invalid segment: Checksum error in segment payload [ 296.319946][ T6431] NILFS (loop0): trying rollback from an earlier position [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./110") = 0 [pid 5065] mkdir("./111", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6435 attached , child_tidptr=0x555556c965d0) = 6435 [pid 6435] chdir("./111") = 0 [pid 6435] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6435] setpgid(0, 0) = 0 [pid 6435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6435] write(3, "1000", 4) = 4 [pid 6435] close(3) = 0 [pid 6435] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6434] <... write resumed>) = 2097152 [pid 6435] memfd_create("syzkaller", 0 [pid 6434] munmap(0x7fc0314e0000, 2097152 [pid 6435] <... memfd_create resumed>) = 3 [pid 6435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6434] <... munmap resumed>) = 0 [pid 6435] <... mmap resumed>) = 0x7fc0314e0000 [ 296.423474][ T6431] NILFS (loop0): recovery complete [pid 6434] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6431] <... mount resumed>) = 0 [pid 6434] <... openat resumed>) = 4 [pid 6434] ioctl(4, LOOP_SET_FD, 3 [pid 6431] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6435] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6434] <... ioctl resumed>) = 0 [pid 6431] <... openat resumed>) = 3 [pid 6434] close(3 [pid 6431] chdir("./file0" [pid 6434] <... close resumed>) = 0 [pid 6431] <... chdir resumed>) = 0 [pid 6434] mkdir("./file0", 0777 [pid 6431] ioctl(4, LOOP_CLR_FD [pid 6434] <... mkdir resumed>) = 0 [pid 6431] <... ioctl resumed>) = 0 [pid 6434] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6431] close(4 [pid 5067] <... umount2 resumed>) = 0 [ 296.456468][ T6436] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 296.492900][ T6434] loop4: detected capacity change from 0 to 4096 [pid 6435] <... write resumed>) = 2097152 [pid 6431] <... close resumed>) = 0 [pid 6431] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6431] <... open resumed>) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6431] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] lstat("./112/file0", [pid 6431] <... open resumed>) = 5 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6431] ftruncate(5, 33587195 [pid 5067] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6431] <... ftruncate resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6431] sendfile(4, 5, NULL, 281474978811909 [pid 5067] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6435] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... openat resumed>) = 4 [pid 6435] <... munmap resumed>) = 0 [pid 5067] fstat(4, [pid 6435] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6435] <... openat resumed>) = 4 [pid 5067] getdents64(4, [ 296.524703][ T6434] NILFS (loop4): invalid segment: Checksum error in segment payload [ 296.558467][ T6434] NILFS (loop4): trying rollback from an earlier position [pid 6435] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./112/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./112") = 0 [pid 5067] mkdir("./113", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6435] <... ioctl resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6435] close(3 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6435] <... close resumed>) = 0 [pid 5067] close(3 [pid 6435] mkdir("./file0", 0777 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6437 [pid 6435] <... mkdir resumed>) = 0 [pid 6435] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6437 attached [pid 6437] chdir("./113") = 0 [pid 6437] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6437] setpgid(0, 0) = 0 [pid 6437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 296.576389][ T6435] loop1: detected capacity change from 0 to 4096 [ 296.607697][ T6434] NILFS (loop4): recovery complete [pid 6437] write(3, "1000", 4) = 4 [pid 6434] <... mount resumed>) = 0 [pid 6437] close(3 [pid 6434] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6437] <... close resumed>) = 0 [pid 6434] <... openat resumed>) = 3 [pid 6437] symlink("/dev/binderfs", "./binderfs" [pid 6434] chdir("./file0" [pid 6437] <... symlink resumed>) = 0 [pid 6434] <... chdir resumed>) = 0 [pid 6437] memfd_create("syzkaller", 0 [pid 6434] ioctl(4, LOOP_CLR_FD [pid 6437] <... memfd_create resumed>) = 3 [pid 6434] <... ioctl resumed>) = 0 [pid 6437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6434] close(4 [ 296.665927][ T6435] NILFS (loop1): invalid segment: Checksum error in segment payload [ 296.676649][ T6438] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6437] <... mmap resumed>) = 0x7fc0314e0000 [pid 6434] <... close resumed>) = 0 [pid 6434] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6434] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6434] ftruncate(5, 33587195) = 0 [pid 6434] sendfile(4, 5, NULL, 281474978811909 [ 296.715553][ T6435] NILFS (loop1): trying rollback from an earlier position [ 296.827248][ T6435] NILFS (loop1): recovery complete [pid 6437] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6435] <... mount resumed>) = 0 [pid 6437] <... write resumed>) = 2097152 [pid 6435] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6435] chdir("./file0") = 0 [pid 6435] ioctl(4, LOOP_CLR_FD) = 0 [pid 6435] close(4 [pid 6437] munmap(0x7fc0314e0000, 2097152 [pid 6435] <... close resumed>) = 0 [pid 6437] <... munmap resumed>) = 0 [pid 6435] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6437] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6435] <... open resumed>) = 4 [pid 6437] <... openat resumed>) = 4 [pid 6435] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [ 296.864011][ T6439] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6437] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6435] <... open resumed>) = 5 [pid 6435] ftruncate(5, 33587195) = 0 [pid 6435] sendfile(4, 5, NULL, 281474978811909 [pid 6437] close(3) = 0 [pid 6437] mkdir("./file0", 0777) = 0 [ 296.915414][ T6437] loop3: detected capacity change from 0 to 4096 [ 296.994238][ T6437] NILFS (loop3): invalid segment: Checksum error in segment payload [ 297.053752][ T6437] NILFS (loop3): trying rollback from an earlier position [ 297.107218][ T6437] NILFS (loop3): recovery complete [pid 6437] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0 [pid 6437] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6437] chdir("./file0") = 0 [pid 6437] ioctl(4, LOOP_CLR_FD) = 0 [pid 6437] close(4) = 0 [pid 6437] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6437] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6437] ftruncate(5, 33587195) = 0 [ 297.138223][ T6440] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6437] sendfile(4, 5, NULL, 281474978811909 [pid 6430] <... sendfile resumed>) = 1048576 [pid 6430] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6430] exit_group(0) = ? [pid 6430] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6430, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./113/binderfs") = 0 [pid 5069] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6429] <... sendfile resumed>) = 1048576 [pid 6429] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6429] exit_group(0) = ? [pid 6429] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6429, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5066] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./111/binderfs") = 0 [pid 5066] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./113/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./113") = 0 [pid 5069] mkdir("./114", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6441 ./strace-static-x86_64: Process 6441 attached [pid 5066] <... umount2 resumed>) = 0 [pid 6441] chdir("./114") = 0 [pid 5066] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6441] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6441] <... prctl resumed>) = 0 [pid 5066] lstat("./111/file0", [pid 6441] setpgid(0, 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6441] <... setpgid resumed>) = 0 [pid 6434] <... sendfile resumed>) = 1048576 [pid 6431] <... sendfile resumed>) = 1048576 [pid 5066] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6434] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6431] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6441] <... openat resumed>) = 3 [pid 6434] <... open resumed>) = -1 EFAULT (Bad address) [pid 6431] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6441] write(3, "1000", 4 [pid 6434] exit_group(0 [pid 6431] exit_group(0 [pid 5066] <... openat resumed>) = 4 [pid 6441] <... write resumed>) = 4 [pid 6434] <... exit_group resumed>) = ? [pid 6431] <... exit_group resumed>) = ? [pid 5066] fstat(4, [pid 6441] close(3 [pid 6434] +++ exited with 0 +++ [pid 6431] +++ exited with 0 +++ [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6441] <... close resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6434, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5066] getdents64(4, [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6431, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6441] symlink("/dev/binderfs", "./binderfs" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6441] <... symlink resumed>) = 0 [pid 5066] getdents64(4, [pid 6441] memfd_create("syzkaller", 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6441] <... memfd_create resumed>) = 3 [pid 5066] close(4 [pid 6441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... close resumed>) = 0 [pid 6441] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] rmdir("./111/file0" [pid 5068] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(3, [pid 5064] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... openat resumed>) = 3 [pid 6441] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] fstat(3, [pid 5066] close(3 [pid 5064] fstat(3, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 5066] rmdir("./111" [pid 5064] getdents64(3, [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] mkdir("./112", 0777 [pid 5064] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... mkdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./112/binderfs", [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] lstat("./111/binderfs", [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./112/binderfs" [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] unlink("./111/binderfs" [pid 5068] <... unlink resumed>) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... unlink resumed>) = 0 [pid 5068] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] close(3 [pid 5064] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6442 attached [pid 6442] chdir("./112") = 0 [pid 6442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6442 [pid 6442] setpgid(0, 0) = 0 [pid 6442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6442] write(3, "1000", 4) = 4 [pid 6442] close(3) = 0 [pid 6442] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6442] memfd_create("syzkaller", 0) = 3 [pid 6442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6441] <... write resumed>) = 2097152 [pid 6441] munmap(0x7fc0314e0000, 2097152 [pid 6442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6441] <... munmap resumed>) = 0 [pid 6441] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6441] ioctl(4, LOOP_SET_FD, 3 [pid 6435] <... sendfile resumed>) = 1048576 [pid 6435] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6435] exit_group(0) = ? [pid 6435] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6435, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 6441] <... ioctl resumed>) = 0 [pid 5065] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6441] close(3 [pid 5065] <... openat resumed>) = 3 [pid 6441] <... close resumed>) = 0 [pid 5065] fstat(3, [pid 6441] mkdir("./file0", 0777 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6441] <... mkdir resumed>) = 0 [pid 5065] getdents64(3, [pid 6441] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./111/binderfs") = 0 [pid 5065] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6442] <... write resumed>) = 2097152 [ 297.968488][ T6441] loop5: detected capacity change from 0 to 4096 [pid 6442] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... umount2 resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./111/file0", [pid 6442] <... munmap resumed>) = 0 [pid 6442] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6442] ioctl(4, LOOP_SET_FD, 3 [pid 5064] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 298.049079][ T6441] NILFS (loop5): invalid segment: Checksum error in segment payload [ 298.082274][ T6441] NILFS (loop5): trying rollback from an earlier position [pid 5068] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] getdents64(4, [pid 5068] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5064] close(4) = 0 [pid 5064] rmdir("./111/file0" [pid 5068] fstat(4, [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 6437] <... sendfile resumed>) = 1048576 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... close resumed>) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6437] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] close(4 [pid 5064] rmdir("./111" [pid 6437] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... close resumed>) = 0 [pid 6442] <... ioctl resumed>) = 0 [ 298.093448][ T6442] loop2: detected capacity change from 0 to 4096 [pid 5068] rmdir("./112/file0" [pid 5064] <... rmdir resumed>) = 0 [pid 6442] close(3 [pid 6441] <... mount resumed>) = 0 [pid 6437] exit_group(0 [pid 5068] <... rmdir resumed>) = 0 [pid 6442] <... close resumed>) = 0 [pid 5068] getdents64(3, [pid 6442] mkdir("./file0", 0777 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6442] <... mkdir resumed>) = 0 [pid 5068] close(3 [pid 6442] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./112") = 0 [pid 5068] mkdir("./113", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6437] <... exit_group resumed>) = ? [pid 5064] mkdir("./112", 0777 [pid 6441] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6441] <... openat resumed>) = 3 [pid 6437] +++ exited with 0 +++ [pid 5068] close(3 [pid 5065] <... umount2 resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 6441] chdir("./file0" [pid 5065] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6441] <... chdir resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6437, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... openat resumed>) = 3 [pid 6441] ioctl(4, LOOP_CLR_FD [pid 5067] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] lstat("./111/file0", [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6441] <... ioctl resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6444 ./strace-static-x86_64: Process 6444 attached [pid 6444] chdir("./113" [pid 6441] close(4) = 0 [pid 5067] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] close(3 [pid 6441] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... openat resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... close resumed>) = 0 [pid 5067] fstat(3, [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, [pid 6441] <... open resumed>) = 4 [pid 6441] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6445 [pid 5065] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6444] <... chdir resumed>) = 0 [pid 6441] <... open resumed>) = 5 [pid 5067] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6444] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6441] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... openat resumed>) = 4 [pid 6444] <... prctl resumed>) = 0 [pid 6441] <... ftruncate resumed>) = 0 [pid 5067] lstat("./113/binderfs", [pid 5065] fstat(4, ./strace-static-x86_64: Process 6445 attached [pid 6444] setpgid(0, 0 [pid 6441] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6445] chdir("./112" [pid 6444] <... setpgid resumed>) = 0 [pid 5067] unlink("./113/binderfs" [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6445] <... chdir resumed>) = 0 [pid 6444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6445] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6444] <... openat resumed>) = 3 [pid 5067] <... unlink resumed>) = 0 [pid 5065] getdents64(4, [pid 6445] <... prctl resumed>) = 0 [pid 6444] write(3, "1000", 4 [pid 5067] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6445] setpgid(0, 0 [pid 6444] <... write resumed>) = 4 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6445] <... setpgid resumed>) = 0 [pid 6444] close(3 [pid 6445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6444] <... close resumed>) = 0 [pid 5065] getdents64(4, [pid 6445] <... openat resumed>) = 3 [pid 6444] symlink("/dev/binderfs", "./binderfs" [pid 6445] write(3, "1000", 4 [pid 6444] <... symlink resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6445] <... write resumed>) = 4 [pid 6444] memfd_create("syzkaller", 0 [pid 5065] close(4 [pid 6445] close(3 [pid 6444] <... memfd_create resumed>) = 3 [pid 5065] <... close resumed>) = 0 [pid 6445] <... close resumed>) = 0 [pid 6444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] rmdir("./111/file0" [ 298.123754][ T6441] NILFS (loop5): recovery complete [ 298.132612][ T6443] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 298.161603][ T6442] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6445] symlink("/dev/binderfs", "./binderfs" [pid 6444] <... mmap resumed>) = 0x7fc0314e0000 [pid 6445] <... symlink resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 6445] memfd_create("syzkaller", 0 [pid 5065] getdents64(3, [pid 6445] <... memfd_create resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5065] close(3) = 0 [pid 5065] rmdir("./111" [pid 6445] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./112", 0777 [pid 6444] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... mkdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6446 ./strace-static-x86_64: Process 6446 attached [pid 6446] chdir("./112") = 0 [pid 6446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6446] setpgid(0, 0) = 0 [pid 6446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6446] write(3, "1000", 4) = 4 [ 298.229690][ T6442] NILFS (loop2): trying rollback from an earlier position [pid 6446] close(3) = 0 [pid 6446] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6446] memfd_create("syzkaller", 0) = 3 [pid 6446] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6444] <... write resumed>) = 2097152 [ 298.316336][ T6442] NILFS (loop2): recovery complete [pid 6442] <... mount resumed>) = 0 [pid 6445] <... write resumed>) = 2097152 [pid 6442] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6442] chdir("./file0") = 0 [pid 6442] ioctl(4, LOOP_CLR_FD) = 0 [pid 6442] close(4) = 0 [pid 6444] munmap(0x7fc0314e0000, 2097152 [pid 6442] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6446] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6444] <... munmap resumed>) = 0 [pid 6442] <... open resumed>) = 4 [pid 6444] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6442] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6445] munmap(0x7fc0314e0000, 2097152 [pid 6444] <... openat resumed>) = 4 [pid 6442] <... open resumed>) = 5 [pid 6445] <... munmap resumed>) = 0 [pid 6444] ioctl(4, LOOP_SET_FD, 3 [pid 6442] ftruncate(5, 33587195 [pid 6445] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 298.345709][ T6447] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6444] <... ioctl resumed>) = 0 [pid 6442] <... ftruncate resumed>) = 0 [pid 6445] <... openat resumed>) = 4 [pid 6442] sendfile(4, 5, NULL, 281474978811909 [pid 6445] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6444] close(3 [pid 5067] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6444] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6444] mkdir("./file0", 0777 [pid 5067] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6444] <... mkdir resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 6445] close(3 [pid 6444] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] fstat(4, [pid 6445] <... close resumed>) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6445] mkdir("./file0", 0777 [pid 5067] getdents64(4, [pid 6445] <... mkdir resumed>) = 0 [pid 6445] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 6446] <... write resumed>) = 2097152 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./113/file0") = 0 [ 298.386523][ T6444] loop4: detected capacity change from 0 to 4096 [ 298.407021][ T6445] loop0: detected capacity change from 0 to 4096 [pid 5067] getdents64(3, [pid 6446] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./113" [pid 6446] <... munmap resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 6446] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] mkdir("./114", 0777 [pid 6446] <... openat resumed>) = 4 [pid 5067] <... mkdir resumed>) = 0 [pid 6446] ioctl(4, LOOP_SET_FD, 3 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [ 298.479202][ T6444] NILFS (loop4): invalid segment: Checksum error in segment payload [ 298.493658][ T6445] NILFS (loop0): invalid segment: Checksum error in segment payload [ 298.516252][ T6446] loop1: detected capacity change from 0 to 4096 [pid 6446] <... ioctl resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6446] close(3) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6448 [pid 6446] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 6448 attached [pid 6446] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6448] chdir("./114") = 0 [ 298.521841][ T6444] NILFS (loop4): trying rollback from an earlier position [pid 6448] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6448] setpgid(0, 0) = 0 [pid 6448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6448] write(3, "1000", 4) = 4 [pid 6448] close(3) = 0 [pid 6448] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6448] memfd_create("syzkaller", 0) = 3 [pid 6448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 298.571825][ T6445] NILFS (loop0): trying rollback from an earlier position [ 298.585113][ T6446] NILFS (loop1): invalid segment: Checksum error in segment payload [ 298.629111][ T6446] NILFS (loop1): trying rollback from an earlier position [ 298.657802][ T6444] NILFS (loop4): recovery complete [ 298.664578][ T6445] NILFS (loop0): recovery complete [pid 6448] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6445] <... mount resumed>) = 0 [pid 6444] <... mount resumed>) = 0 [pid 6445] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6444] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6445] <... openat resumed>) = 3 [pid 6444] <... openat resumed>) = 3 [pid 6445] chdir("./file0" [pid 6444] chdir("./file0" [pid 6445] <... chdir resumed>) = 0 [pid 6444] <... chdir resumed>) = 0 [pid 6445] ioctl(4, LOOP_CLR_FD [pid 6444] ioctl(4, LOOP_CLR_FD [pid 6445] <... ioctl resumed>) = 0 [pid 6444] <... ioctl resumed>) = 0 [pid 6445] close(4 [pid 6444] close(4 [pid 6448] <... write resumed>) = 2097152 [pid 6445] <... close resumed>) = 0 [pid 6444] <... close resumed>) = 0 [pid 6445] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [ 298.701263][ T6450] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 298.705609][ T6449] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 298.724720][ T6446] NILFS (loop1): recovery complete [pid 6444] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6445] <... open resumed>) = 4 [pid 6444] <... open resumed>) = 4 [pid 6446] <... mount resumed>) = 0 [pid 6445] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6444] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6448] munmap(0x7fc0314e0000, 2097152 [pid 6446] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6445] <... open resumed>) = 5 [pid 6444] <... open resumed>) = 5 [pid 6448] <... munmap resumed>) = 0 [pid 6446] <... openat resumed>) = 3 [pid 6445] ftruncate(5, 33587195 [pid 6444] ftruncate(5, 33587195 [pid 6448] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6446] chdir("./file0" [pid 6445] <... ftruncate resumed>) = 0 [pid 6444] <... ftruncate resumed>) = 0 [pid 6448] <... openat resumed>) = 4 [pid 6446] <... chdir resumed>) = 0 [ 298.742306][ T6451] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6445] sendfile(4, 5, NULL, 281474978811909 [pid 6444] sendfile(4, 5, NULL, 281474978811909 [pid 6448] ioctl(4, LOOP_SET_FD, 3 [pid 6446] ioctl(4, LOOP_CLR_FD) = 0 [pid 6446] close(4) = 0 [pid 6448] <... ioctl resumed>) = 0 [pid 6446] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6448] close(3 [pid 6446] <... open resumed>) = 4 [pid 6448] <... close resumed>) = 0 [pid 6446] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6448] mkdir("./file0", 0777 [pid 6446] ftruncate(5, 33587195) = 0 [pid 6446] sendfile(4, 5, NULL, 281474978811909 [pid 6448] <... mkdir resumed>) = 0 [ 298.822811][ T6448] loop3: detected capacity change from 0 to 4096 [ 298.930384][ T6448] NILFS (loop3): invalid segment: Checksum error in segment payload [ 298.980824][ T6448] NILFS (loop3): trying rollback from an earlier position [ 299.013865][ T6448] NILFS (loop3): recovery complete [pid 6448] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0 [pid 6448] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6448] chdir("./file0") = 0 [pid 6448] ioctl(4, LOOP_CLR_FD) = 0 [pid 6448] close(4) = 0 [pid 6448] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6448] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6448] ftruncate(5, 33587195) = 0 [ 299.031468][ T6452] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6448] sendfile(4, 5, NULL, 281474978811909 [pid 6441] <... sendfile resumed>) = 1048576 [pid 6441] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6441] exit_group(0) = ? [pid 6441] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6441, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5069] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./114/binderfs") = 0 [pid 5069] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6442] <... sendfile resumed>) = 1048576 [pid 6442] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5069] <... umount2 resumed>) = 0 [pid 6442] exit_group(0) = ? [pid 6442] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6442, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5066] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] lstat("./114/file0", [pid 5066] <... openat resumed>) = 3 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(3, [pid 5069] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] fstat(4, [pid 5066] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(4, [pid 5066] lstat("./112/binderfs", [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] getdents64(4, [pid 5066] unlink("./112/binderfs" [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5069] close(4) = 0 [pid 5066] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./114/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./114") = 0 [pid 5069] mkdir("./115", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6453 ./strace-static-x86_64: Process 6453 attached [pid 6453] chdir("./115") = 0 [pid 6453] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6453] setpgid(0, 0) = 0 [pid 6453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6453] write(3, "1000", 4) = 4 [pid 6453] close(3) = 0 [pid 6453] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6453] memfd_create("syzkaller", 0) = 3 [pid 6453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6453] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6445] <... sendfile resumed>) = 1048576 [pid 5066] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6445] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6445] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6445] exit_group(0 [pid 5066] <... openat resumed>) = 4 [pid 6445] <... exit_group resumed>) = ? [pid 5066] fstat(4, [pid 6445] +++ exited with 0 +++ [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6445, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5066] getdents64(4, [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... restart_syscall resumed>) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./112/file0" [pid 5064] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(3, [pid 5064] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5066] close(3 [pid 5064] fstat(3, [pid 5066] <... close resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] rmdir("./112" [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5064] lstat("./112/binderfs", [pid 5066] mkdir("./113", 0777 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6453] <... write resumed>) = 2097152 [pid 5066] <... mkdir resumed>) = 0 [pid 5064] unlink("./112/binderfs" [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... unlink resumed>) = 0 [pid 5064] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 6453] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5066] <... close resumed>) = 0 [pid 6453] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6453] ioctl(4, LOOP_SET_FD, 3 [pid 6444] <... sendfile resumed>) = 1048576 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6446] <... sendfile resumed>) = 1048576 [pid 6444] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6444] exit_group(0) = ? [pid 6444] +++ exited with 0 +++ [pid 6446] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6444, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6454 [pid 6446] <... open resumed>) = -1 EFAULT (Bad address) [pid 6446] exit_group(0 [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6446] <... exit_group resumed>) = ? [pid 5068] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 6454 attached [pid 6454] chdir("./113" [pid 6446] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6446, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5068] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... openat resumed>) = 3 [pid 5065] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6454] <... chdir resumed>) = 0 [pid 5068] fstat(3, [pid 5065] <... openat resumed>) = 3 [pid 6454] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] fstat(3, [pid 6454] <... prctl resumed>) = 0 [pid 5068] getdents64(3, [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6454] setpgid(0, 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] getdents64(3, [pid 6454] <... setpgid resumed>) = 0 [pid 5068] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6454] <... openat resumed>) = 3 [pid 5068] lstat("./113/binderfs", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6454] write(3, "1000", 4 [pid 5065] lstat("./112/binderfs", [pid 6454] <... write resumed>) = 4 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6454] close(3 [pid 5068] unlink("./113/binderfs" [pid 5065] unlink("./112/binderfs" [pid 6454] <... close resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 6454] symlink("/dev/binderfs", "./binderfs" [pid 5068] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6454] <... symlink resumed>) = 0 [pid 6453] <... ioctl resumed>) = 0 [pid 6454] memfd_create("syzkaller", 0) = 3 [pid 6453] close(3 [pid 6454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6453] <... close resumed>) = 0 [pid 6454] <... mmap resumed>) = 0x7fc0314e0000 [pid 6453] mkdir("./file0", 0777) = 0 [pid 6448] <... sendfile resumed>) = 1048576 [pid 6453] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6448] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6448] exit_group(0) = ? [ 300.002573][ T6453] loop5: detected capacity change from 0 to 4096 [pid 6448] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6448, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5067] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5067] unlink("./114/binderfs") = 0 [pid 5067] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6454] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./112/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [ 300.090544][ T6453] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5064] close(3) = 0 [pid 5064] rmdir("./112") = 0 [pid 5064] mkdir("./113", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6455 ./strace-static-x86_64: Process 6455 attached [pid 6455] chdir("./113") = 0 [pid 6455] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6454] <... write resumed>) = 2097152 [pid 6455] <... prctl resumed>) = 0 [pid 6455] setpgid(0, 0) = 0 [ 300.149097][ T6453] NILFS (loop5): trying rollback from an earlier position [pid 6455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6455] write(3, "1000", 4 [pid 6454] munmap(0x7fc0314e0000, 2097152 [pid 6455] <... write resumed>) = 4 [pid 6454] <... munmap resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6455] close(3 [pid 6454] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 6455] <... close resumed>) = 0 [pid 6455] symlink("/dev/binderfs", "./binderfs" [pid 6454] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6455] <... symlink resumed>) = 0 [pid 5068] lstat("./113/file0", [pid 6455] memfd_create("syzkaller", 0 [pid 6454] ioctl(4, LOOP_SET_FD, 3 [pid 6455] <... memfd_create resumed>) = 3 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6455] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] rmdir("./113/file0" [pid 5065] lstat("./112/file0", [pid 5068] <... rmdir resumed>) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./113" [pid 5065] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... rmdir resumed>) = 0 [pid 6454] <... ioctl resumed>) = 0 [pid 5068] mkdir("./114", 0777 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6454] close(3 [pid 5065] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6454] <... close resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 6454] mkdir("./file0", 0777 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5065] fstat(4, [pid 6454] <... mkdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6454] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5065] getdents64(4, [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] close(3 [pid 5065] getdents64(4, [pid 5068] <... close resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [ 300.243814][ T6454] loop2: detected capacity change from 0 to 4096 [ 300.251563][ T6453] NILFS (loop5): recovery complete [pid 6453] <... mount resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] close(4 [pid 6453] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] <... close resumed>) = 0 [pid 6453] <... openat resumed>) = 3 [pid 5065] rmdir("./112/file0" [pid 6453] chdir("./file0" [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6457 [pid 6453] <... chdir resumed>) = 0 [pid 6453] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 6457 attached ) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 6457] chdir("./114" [pid 6453] close(4 [pid 5065] getdents64(3, [pid 6457] <... chdir resumed>) = 0 [pid 6453] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6457] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6453] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(3 [pid 6453] <... open resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 6457] <... prctl resumed>) = 0 [pid 6453] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./112" [pid 6457] setpgid(0, 0 [pid 6455] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6453] <... open resumed>) = 5 [pid 5067] lstat("./114/file0", [pid 5065] <... rmdir resumed>) = 0 [pid 6457] <... setpgid resumed>) = 0 [ 300.290257][ T6456] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6453] ftruncate(5, 33587195 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] mkdir("./113", 0777 [pid 6457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6453] <... ftruncate resumed>) = 0 [pid 5067] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... mkdir resumed>) = 0 [pid 6457] <... openat resumed>) = 3 [pid 6453] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6457] write(3, "1000", 4 [pid 5067] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... openat resumed>) = 3 [pid 6457] <... write resumed>) = 4 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6457] close(3 [pid 5067] <... openat resumed>) = 4 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6457] <... close resumed>) = 0 [pid 5067] fstat(4, [pid 5065] close(3 [pid 6457] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... close resumed>) = 0 [pid 6457] <... symlink resumed>) = 0 [pid 5067] getdents64(4, [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6457] memfd_create("syzkaller", 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6457] <... memfd_create resumed>) = 3 [pid 6457] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] getdents64(4, [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6458 [pid 6457] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./114/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [ 300.338644][ T6454] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5067] rmdir("./114") = 0 ./strace-static-x86_64: Process 6458 attached [pid 6457] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6455] <... write resumed>) = 2097152 [pid 5067] mkdir("./115", 0777 [pid 6458] chdir("./113" [pid 6455] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... mkdir resumed>) = 0 [pid 6455] <... munmap resumed>) = 0 [pid 6458] <... chdir resumed>) = 0 [pid 6458] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6455] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6458] <... prctl resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 6458] setpgid(0, 0) = 0 [pid 6455] <... openat resumed>) = 4 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6455] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6458] <... openat resumed>) = 3 [pid 6458] write(3, "1000", 4 [pid 6455] <... ioctl resumed>) = 0 [pid 5067] close(3 [pid 6458] <... write resumed>) = 4 [pid 6455] close(3 [pid 5067] <... close resumed>) = 0 [pid 6458] close(3 [pid 6455] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6458] <... close resumed>) = 0 [pid 6458] symlink("/dev/binderfs", "./binderfs" [pid 6455] mkdir("./file0", 0777 [pid 6458] <... symlink resumed>) = 0 [pid 6457] <... write resumed>) = 2097152 [pid 6455] <... mkdir resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6459 [pid 6458] memfd_create("syzkaller", 0 [pid 6455] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6459 attached [pid 6458] <... memfd_create resumed>) = 3 [pid 6459] chdir("./115" [pid 6458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6459] <... chdir resumed>) = 0 [pid 6458] <... mmap resumed>) = 0x7fc0314e0000 [pid 6459] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6459] setpgid(0, 0) = 0 [pid 6457] munmap(0x7fc0314e0000, 2097152 [pid 6459] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6457] <... munmap resumed>) = 0 [pid 6459] <... openat resumed>) = 3 [pid 6457] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6459] write(3, "1000", 4 [pid 6457] <... openat resumed>) = 4 [pid 6459] <... write resumed>) = 4 [ 300.379517][ T6454] NILFS (loop2): trying rollback from an earlier position [ 300.414598][ T6455] loop0: detected capacity change from 0 to 4096 [pid 6457] ioctl(4, LOOP_SET_FD, 3 [pid 6459] close(3) = 0 [pid 6459] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6459] memfd_create("syzkaller", 0) = 3 [pid 6459] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6457] <... ioctl resumed>) = 0 [pid 6457] close(3) = 0 [pid 6457] mkdir("./file0", 0777) = 0 [pid 6457] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 300.458391][ T6454] NILFS (loop2): recovery complete [ 300.467184][ T6457] loop4: detected capacity change from 0 to 4096 [ 300.476771][ T6455] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6458] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6454] <... mount resumed>) = 0 [pid 6454] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6454] chdir("./file0") = 0 [pid 6454] ioctl(4, LOOP_CLR_FD) = 0 [pid 6454] close(4) = 0 [pid 6454] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6454] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6454] ftruncate(5, 33587195) = 0 [pid 6454] sendfile(4, 5, NULL, 281474978811909 [pid 6459] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6458] <... write resumed>) = 2097152 [ 300.503024][ T6455] NILFS (loop0): trying rollback from an earlier position [ 300.505526][ T6460] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6458] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6458] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 300.565120][ T6457] NILFS (loop4): invalid segment: Checksum error in segment payload [ 300.577271][ T6455] NILFS (loop0): recovery complete [ 300.590648][ T6457] NILFS (loop4): trying rollback from an earlier position [pid 6458] ioctl(4, LOOP_SET_FD, 3 [pid 6455] <... mount resumed>) = 0 [pid 6455] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6455] chdir("./file0") = 0 [pid 6455] ioctl(4, LOOP_CLR_FD) = 0 [pid 6455] close(4) = 0 [pid 6455] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6455] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6455] ftruncate(5, 33587195) = 0 [pid 6455] sendfile(4, 5, NULL, 281474978811909 [pid 6458] <... ioctl resumed>) = 0 [pid 6458] close(3) = 0 [ 300.606056][ T6461] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 300.620814][ T6458] loop1: detected capacity change from 0 to 4096 [ 300.637005][ T6457] NILFS (loop4): recovery complete [pid 6459] <... write resumed>) = 2097152 [pid 6458] mkdir("./file0", 0777 [pid 6459] munmap(0x7fc0314e0000, 2097152 [pid 6458] <... mkdir resumed>) = 0 [pid 6459] <... munmap resumed>) = 0 [pid 6458] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6457] <... mount resumed>) = 0 [pid 6459] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6457] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6459] <... openat resumed>) = 4 [pid 6457] <... openat resumed>) = 3 [ 300.660317][ T6462] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6459] ioctl(4, LOOP_SET_FD, 3 [pid 6457] chdir("./file0") = 0 [pid 6459] <... ioctl resumed>) = 0 [pid 6457] ioctl(4, LOOP_CLR_FD [pid 6459] close(3 [pid 6457] <... ioctl resumed>) = 0 [pid 6457] close(4 [pid 6459] <... close resumed>) = 0 [pid 6457] <... close resumed>) = 0 [pid 6459] mkdir("./file0", 0777) = 0 [pid 6459] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6457] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 300.713934][ T6459] loop3: detected capacity change from 0 to 4096 [ 300.751369][ T6459] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6457] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6457] ftruncate(5, 33587195) = 0 [ 300.756619][ T6458] NILFS (loop1): invalid segment: Checksum error in segment payload [ 300.760882][ T6459] NILFS (loop3): trying rollback from an earlier position [ 300.813189][ T6458] NILFS (loop1): trying rollback from an earlier position [ 300.834179][ T6459] NILFS (loop3): recovery complete [pid 6457] sendfile(4, 5, NULL, 281474978811909 [pid 6459] <... mount resumed>) = 0 [pid 6459] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6459] chdir("./file0") = 0 [pid 6459] ioctl(4, LOOP_CLR_FD) = 0 [pid 6459] close(4) = 0 [pid 6459] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6459] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6459] ftruncate(5, 33587195) = 0 [ 300.880485][ T6463] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 300.907067][ T6458] NILFS (loop1): recovery complete [pid 6459] sendfile(4, 5, NULL, 281474978811909 [pid 6458] <... mount resumed>) = 0 [pid 6458] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6458] chdir("./file0") = 0 [pid 6458] ioctl(4, LOOP_CLR_FD) = 0 [pid 6458] close(4) = 0 [pid 6458] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6458] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6458] ftruncate(5, 33587195) = 0 [ 300.975059][ T6464] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6458] sendfile(4, 5, NULL, 281474978811909 [pid 6453] <... sendfile resumed>) = 1048576 [pid 6453] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6453] exit_group(0) = ? [pid 6453] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6453, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./115/binderfs") = 0 [pid 5069] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5069] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, [pid 6455] <... sendfile resumed>) = 1048576 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6455] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6455] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] getdents64(4, [pid 6455] exit_group(0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6455] <... exit_group resumed>) = ? [pid 5069] close(4 [pid 6455] +++ exited with 0 +++ [pid 5069] <... close resumed>) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6455, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] rmdir("./115/file0" [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 5069] <... rmdir resumed>) = 0 [pid 5064] <... restart_syscall resumed>) = 0 [pid 5069] getdents64(3, [pid 6457] <... sendfile resumed>) = 1048576 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6454] <... sendfile resumed>) = 1048576 [pid 5064] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6457] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6454] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] close(3 [pid 5064] lstat("./113/binderfs", [pid 6457] <... open resumed>) = -1 EFAULT (Bad address) [pid 6454] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... close resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6457] exit_group(0 [pid 6454] exit_group(0 [pid 5069] rmdir("./115" [pid 5064] unlink("./113/binderfs" [pid 6457] <... exit_group resumed>) = ? [pid 6454] <... exit_group resumed>) = ? [pid 5069] <... rmdir resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5064] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6457] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6457, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 6454] +++ exited with 0 +++ [pid 5069] mkdir("./116", 0777) = 0 [pid 5068] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6454, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5069] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] fstat(3, [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] close(3 [pid 5068] getdents64(3, [pid 5066] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 3 [pid 5068] lstat("./114/binderfs", [pid 5066] fstat(3, [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] unlink("./114/binderfs" [pid 5066] getdents64(3, [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... unlink resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6465 [pid 5066] lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 ./strace-static-x86_64: Process 6465 attached [pid 5066] unlink("./113/binderfs" [pid 6465] chdir("./116" [pid 5066] <... unlink resumed>) = 0 [pid 6465] <... chdir resumed>) = 0 [pid 5066] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6465] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6465] setpgid(0, 0) = 0 [pid 6465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6465] write(3, "1000", 4) = 4 [pid 6465] close(3) = 0 [pid 6465] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6465] memfd_create("syzkaller", 0) = 3 [pid 6465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6459] <... sendfile resumed>) = 1048576 [pid 6459] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6459] exit_group(0) = ? [pid 6459] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6459, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5067] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = 0 [pid 5067] lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./115/binderfs") = 0 [pid 5067] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... openat resumed>) = 4 [pid 5064] lstat("./113/file0", [pid 5068] fstat(4, [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6465] <... write resumed>) = 2097152 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6465] munmap(0x7fc0314e0000, 2097152 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6465] <... munmap resumed>) = 0 [pid 5068] getdents64(4, [pid 5064] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6465] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6465] <... openat resumed>) = 4 [pid 5068] close(4 [pid 5064] <... openat resumed>) = 4 [pid 6465] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... close resumed>) = 0 [pid 5064] fstat(4, [pid 5068] rmdir("./114/file0") = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./114" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6465] <... ioctl resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] getdents64(4, [pid 6465] close(3 [pid 5068] mkdir("./115", 0777 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6465] <... close resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5064] getdents64(4, [pid 6465] mkdir("./file0", 0777 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6465] <... mkdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5064] close(4 [pid 6465] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... close resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] rmdir("./113/file0" [pid 5068] close(3 [pid 5066] lstat("./113/file0", [pid 5068] <... close resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] getdents64(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6466 [pid 5066] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... openat resumed>) = 4 [pid 5064] close(3 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... close resumed>) = 0 [pid 5066] getdents64(4, [pid 5064] rmdir("./113" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6466 attached [pid 5066] getdents64(4, [pid 5064] <... rmdir resumed>) = 0 [pid 6466] chdir("./115" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] mkdir("./114", 0777 [pid 6466] <... chdir resumed>) = 0 [pid 5066] close(4 [pid 6466] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... close resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 6466] <... prctl resumed>) = 0 [pid 5066] rmdir("./113/file0" [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6466] setpgid(0, 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6466] <... setpgid resumed>) = 0 [pid 5066] getdents64(3, [pid 5064] <... openat resumed>) = 3 [pid 6466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6466] <... openat resumed>) = 3 [pid 5066] close(3 [pid 6466] write(3, "1000", 4 [pid 5066] <... close resumed>) = 0 [pid 6466] <... write resumed>) = 4 [pid 5066] rmdir("./113" [pid 6466] close(3 [pid 5066] <... rmdir resumed>) = 0 [pid 6466] <... close resumed>) = 0 [pid 5066] mkdir("./114", 0777 [ 302.070822][ T6465] loop5: detected capacity change from 0 to 4096 [pid 6466] symlink("/dev/binderfs", "./binderfs" [pid 5066] <... mkdir resumed>) = 0 [pid 6466] <... symlink resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6466] memfd_create("syzkaller", 0 [pid 5066] <... openat resumed>) = 3 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6466] <... memfd_create resumed>) = 3 [pid 6458] <... sendfile resumed>) = 1048576 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] close(3 [pid 6466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6458] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... close resumed>) = 0 [pid 6466] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] close(3 [pid 6458] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6466] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6458] exit_group(0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6458] <... exit_group resumed>) = ? [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6468 [pid 6458] +++ exited with 0 +++ [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6467 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6458, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6468 attached [pid 6468] chdir("./114" [pid 5065] <... openat resumed>) = 3 [pid 6468] <... chdir resumed>) = 0 [pid 6468] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6468] setpgid(0, 0) = 0 [pid 6468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6468] write(3, "1000", 4) = 4 [pid 5065] fstat(3, [pid 6468] close(3./strace-static-x86_64: Process 6467 attached ) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6468] symlink("/dev/binderfs", "./binderfs" [pid 6467] chdir("./114" [pid 5065] getdents64(3, [pid 6468] <... symlink resumed>) = 0 [pid 6467] <... chdir resumed>) = 0 [ 302.124885][ T6465] NILFS (loop5): invalid segment: Checksum error in segment payload [ 302.143596][ T6465] NILFS (loop5): trying rollback from an earlier position [pid 6468] memfd_create("syzkaller", 0 [pid 6467] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6468] <... memfd_create resumed>) = 3 [pid 6467] <... prctl resumed>) = 0 [pid 5065] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6467] setpgid(0, 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6468] <... mmap resumed>) = 0x7fc0314e0000 [pid 6467] <... setpgid resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] lstat("./113/binderfs", [pid 6467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6465] <... mount resumed>) = 0 [pid 5067] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6467] <... openat resumed>) = 3 [pid 6465] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6467] write(3, "1000", 4 [pid 6465] <... openat resumed>) = 3 [pid 5067] lstat("./115/file0", [pid 5065] unlink("./113/binderfs" [pid 6467] <... write resumed>) = 4 [pid 6466] <... write resumed>) = 2097152 [pid 6465] chdir("./file0" [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6467] close(3 [pid 6466] munmap(0x7fc0314e0000, 2097152 [pid 6465] <... chdir resumed>) = 0 [pid 6468] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... unlink resumed>) = 0 [pid 6467] <... close resumed>) = 0 [pid 6466] <... munmap resumed>) = 0 [pid 6465] ioctl(4, LOOP_CLR_FD [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6467] symlink("/dev/binderfs", "./binderfs" [pid 6466] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6465] <... ioctl resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6468] <... write resumed>) = 2097152 [pid 6467] <... symlink resumed>) = 0 [pid 6466] <... openat resumed>) = 4 [pid 6465] close(4 [pid 5067] <... openat resumed>) = 4 [ 302.181815][ T6465] NILFS (loop5): recovery complete [ 302.199586][ T6469] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6468] munmap(0x7fc0314e0000, 2097152 [pid 6467] memfd_create("syzkaller", 0 [pid 6466] ioctl(4, LOOP_SET_FD, 3 [pid 6465] <... close resumed>) = 0 [pid 5067] fstat(4, [pid 6468] <... munmap resumed>) = 0 [pid 6467] <... memfd_create resumed>) = 3 [pid 6465] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6468] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] getdents64(4, [pid 6468] <... openat resumed>) = 4 [pid 6467] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6468] ioctl(4, LOOP_SET_FD, 3 [pid 6465] <... open resumed>) = 4 [pid 5067] getdents64(4, [pid 6465] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6466] <... ioctl resumed>) = 0 [pid 5067] close(4 [pid 6466] close(3 [pid 5067] <... close resumed>) = 0 [pid 6466] <... close resumed>) = 0 [pid 5067] rmdir("./115/file0" [pid 6466] mkdir("./file0", 0777 [pid 5067] <... rmdir resumed>) = 0 [pid 6466] <... mkdir resumed>) = 0 [pid 6465] <... open resumed>) = 5 [pid 5067] getdents64(3, [pid 6466] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6465] ftruncate(5, 33587195 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6465] <... ftruncate resumed>) = 0 [pid 5067] close(3 [pid 6467] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6465] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./115") = 0 [pid 5067] mkdir("./116", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 6468] <... ioctl resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 6468] close(3 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6468] <... close resumed>) = 0 [ 302.276439][ T6466] loop4: detected capacity change from 0 to 4096 [ 302.283136][ T6468] loop2: detected capacity change from 0 to 4096 [pid 6468] mkdir("./file0", 0777 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6470 [pid 6468] <... mkdir resumed>) = 0 [pid 6468] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6470 attached [pid 6470] chdir("./116") = 0 [pid 6470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6470] setpgid(0, 0) = 0 [pid 6470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6470] write(3, "1000", 4) = 4 [pid 6470] close(3) = 0 [pid 6470] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6470] memfd_create("syzkaller", 0) = 3 [pid 6470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 302.320771][ T6466] NILFS (loop4): invalid segment: Checksum error in segment payload [ 302.344151][ T6468] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6467] <... write resumed>) = 2097152 [pid 6467] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6467] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 302.386798][ T6466] NILFS (loop4): trying rollback from an earlier position [ 302.424268][ T6467] loop0: detected capacity change from 0 to 4096 [pid 6467] ioctl(4, LOOP_SET_FD, 3 [pid 5065] <... umount2 resumed>) = 0 [pid 6470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 302.425025][ T6468] NILFS (loop2): trying rollback from an earlier position [pid 6467] <... ioctl resumed>) = 0 [pid 5065] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6467] close(3) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6467] mkdir("./file0", 0777 [pid 5065] <... openat resumed>) = 4 [pid 6467] <... mkdir resumed>) = 0 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6467] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6470] <... write resumed>) = 2097152 [pid 6468] <... mount resumed>) = 0 [pid 5065] getdents64(4, [pid 6470] munmap(0x7fc0314e0000, 2097152 [pid 6468] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6468] <... openat resumed>) = 3 [pid 5065] getdents64(4, [pid 6470] <... munmap resumed>) = 0 [pid 6470] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 302.477468][ T6466] NILFS (loop4): recovery complete [ 302.486563][ T6468] NILFS (loop2): recovery complete [ 302.508322][ T6472] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6470] ioctl(4, LOOP_SET_FD, 3 [pid 6468] chdir("./file0" [pid 6466] <... mount resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6468] <... chdir resumed>) = 0 [pid 6466] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6468] ioctl(4, LOOP_CLR_FD [pid 6466] <... openat resumed>) = 3 [pid 5065] close(4 [pid 6466] chdir("./file0" [pid 6468] <... ioctl resumed>) = 0 [pid 6466] <... chdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6468] close(4 [pid 6466] ioctl(4, LOOP_CLR_FD [pid 6468] <... close resumed>) = 0 [pid 6466] <... ioctl resumed>) = 0 [pid 5065] rmdir("./113/file0" [pid 6466] close(4) = 0 [pid 6466] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6466] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6466] ftruncate(5, 33587195) = 0 [pid 6466] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... rmdir resumed>) = 0 [pid 6468] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] getdents64(3, [pid 6470] <... ioctl resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 6468] <... open resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./113" [pid 6468] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6470] close(3 [pid 6468] <... open resumed>) = 5 [pid 5065] <... rmdir resumed>) = 0 [pid 6470] <... close resumed>) = 0 [pid 6468] ftruncate(5, 33587195 [pid 5065] mkdir("./114", 0777 [pid 6470] mkdir("./file0", 0777 [pid 6468] <... ftruncate resumed>) = 0 [pid 6470] <... mkdir resumed>) = 0 [pid 6468] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... mkdir resumed>) = 0 [pid 6470] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 302.512205][ T6471] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 302.522762][ T6470] loop3: detected capacity change from 0 to 4096 [ 302.537146][ T6467] NILFS (loop0): invalid segment: Checksum error in segment payload [ 302.567377][ T6467] NILFS (loop0): trying rollback from an earlier position [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6467] <... mount resumed>) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6474 [pid 6467] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6467] chdir("./file0") = 0 [pid 6467] ioctl(4, LOOP_CLR_FD) = 0 [pid 6467] close(4) = 0 [pid 6467] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6467] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000./strace-static-x86_64: Process 6474 attached ) = 5 [pid 6467] ftruncate(5, 33587195 [pid 6474] chdir("./114" [pid 6467] <... ftruncate resumed>) = 0 [pid 6467] sendfile(4, 5, NULL, 281474978811909 [pid 6474] <... chdir resumed>) = 0 [pid 6474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 302.596521][ T6467] NILFS (loop0): recovery complete [ 302.614224][ T6470] NILFS (loop3): invalid segment: Checksum error in segment payload [ 302.620093][ T6473] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6474] setpgid(0, 0) = 0 [pid 6474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6474] write(3, "1000", 4) = 4 [pid 6474] close(3) = 0 [pid 6474] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6474] memfd_create("syzkaller", 0) = 3 [pid 6474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 302.673477][ T6470] NILFS (loop3): trying rollback from an earlier position [ 302.758627][ T6470] NILFS (loop3): recovery complete [pid 6474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6470] <... mount resumed>) = 0 [pid 6470] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6470] chdir("./file0") = 0 [pid 6470] ioctl(4, LOOP_CLR_FD) = 0 [pid 6470] close(4) = 0 [ 302.799867][ T6475] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6470] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6474] <... write resumed>) = 2097152 [pid 6474] munmap(0x7fc0314e0000, 2097152 [pid 6470] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6470] ftruncate(5, 33587195 [pid 6474] <... munmap resumed>) = 0 [pid 6470] <... ftruncate resumed>) = 0 [pid 6474] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6470] sendfile(4, 5, NULL, 281474978811909 [pid 6474] <... openat resumed>) = 4 [pid 6474] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6474] close(3) = 0 [pid 6474] mkdir("./file0", 0777) = 0 [ 302.908904][ T6474] loop1: detected capacity change from 0 to 4096 [ 302.999488][ T6474] NILFS (loop1): invalid segment: Checksum error in segment payload [ 303.016771][ T6474] NILFS (loop1): trying rollback from an earlier position [pid 6474] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0 [pid 6474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6474] chdir("./file0") = 0 [pid 6474] ioctl(4, LOOP_CLR_FD) = 0 [ 303.070041][ T6474] NILFS (loop1): recovery complete [ 303.078127][ T6476] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6474] close(4) = 0 [pid 6474] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6474] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6474] ftruncate(5, 33587195) = 0 [pid 6474] sendfile(4, 5, NULL, 281474978811909 [pid 6465] <... sendfile resumed>) = 1048576 [pid 6465] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6465] exit_group(0) = ? [pid 6465] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6465, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5069] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./116/binderfs") = 0 [pid 5069] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5069] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./116/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./116") = 0 [pid 5069] mkdir("./117", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 6466] <... sendfile resumed>) = 1048576 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6466] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6466] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] close(3 [pid 6466] exit_group(0 [pid 5069] <... close resumed>) = 0 [pid 6466] <... exit_group resumed>) = ? [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6466] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6466, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6477 [pid 5068] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, ./strace-static-x86_64: Process 6477 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6477] chdir("./117" [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6477] <... chdir resumed>) = 0 [pid 5068] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6477] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6468] <... sendfile resumed>) = 1048576 [pid 5068] lstat("./115/binderfs", [pid 6477] <... prctl resumed>) = 0 [pid 6468] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6477] setpgid(0, 0 [pid 6468] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] unlink("./115/binderfs" [pid 6477] <... setpgid resumed>) = 0 [pid 6468] exit_group(0 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6468] <... exit_group resumed>) = ? [pid 6477] <... openat resumed>) = 3 [pid 6468] +++ exited with 0 +++ [pid 6477] write(3, "1000", 4 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6468, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 6477] <... write resumed>) = 4 [pid 6477] close(3) = 0 [pid 6477] symlink("/dev/binderfs", "./binderfs" [pid 5066] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6477] <... symlink resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6477] memfd_create("syzkaller", 0 [pid 5066] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6477] <... memfd_create resumed>) = 3 [pid 6477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, [pid 6477] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6477] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6467] <... sendfile resumed>) = 1048576 [pid 5066] unlink("./114/binderfs" [pid 6467] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5066] <... unlink resumed>) = 0 [pid 6467] exit_group(0 [pid 5066] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6467] <... exit_group resumed>) = ? [pid 6467] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6467, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5064] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./114/binderfs") = 0 [pid 5064] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6470] <... sendfile resumed>) = 1048576 [pid 6470] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6470] exit_group(0) = ? [pid 6470] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6470, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 6477] <... write resumed>) = 2097152 [pid 6477] munmap(0x7fc0314e0000, 2097152 [pid 5067] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6477] <... munmap resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6477] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5067] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6477] <... openat resumed>) = 4 [pid 5067] <... openat resumed>) = 3 [pid 6477] ioctl(4, LOOP_SET_FD, 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./116/binderfs") = 0 [pid 5067] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6477] <... ioctl resumed>) = 0 [pid 5068] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6477] close(3) = 0 [pid 6477] mkdir("./file0", 0777 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6477] <... mkdir resumed>) = 0 [pid 5068] fstat(4, [pid 6477] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./115/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./115") = 0 [pid 5068] mkdir("./116", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 303.943392][ T6477] loop5: detected capacity change from 0 to 4096 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6478 ./strace-static-x86_64: Process 6478 attached [pid 6478] chdir("./116") = 0 [pid 6478] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6478] setpgid(0, 0) = 0 [pid 6478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6478] write(3, "1000", 4) = 4 [pid 6478] close(3) = 0 [pid 6478] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 6478] memfd_create("syzkaller", 0) = 3 [pid 5066] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] lstat("./114/file0", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] <... openat resumed>) = 4 [pid 5066] fstat(4, [pid 5064] fstat(4, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5066] getdents64(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] getdents64(4, [pid 5066] close(4 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... close resumed>) = 0 [pid 5064] close(4 [pid 5066] rmdir("./114/file0" [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./114/file0" [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5064] getdents64(3, [pid 6478] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5064] close(3 [pid 5066] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5066] rmdir("./114" [pid 5064] rmdir("./114" [pid 5066] <... rmdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5066] mkdir("./115", 0777 [ 304.036750][ T6477] NILFS (loop5): invalid segment: Checksum error in segment payload [ 304.076549][ T6477] NILFS (loop5): trying rollback from an earlier position [pid 5064] mkdir("./115", 0777 [pid 5066] <... mkdir resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5066] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... umount2 resumed>) = 0 [pid 5066] close(3 [pid 5064] close(3 [pid 5066] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6479 ./strace-static-x86_64: Process 6479 attached [pid 6479] chdir("./115") = 0 [pid 6479] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6479] setpgid(0, 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6479] <... setpgid resumed>) = 0 [pid 6479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6479] write(3, "1000", 4 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6480 [pid 6479] <... write resumed>) = 4 [pid 6479] close(3./strace-static-x86_64: Process 6480 attached [pid 6480] chdir("./115" [pid 6479] <... close resumed>) = 0 [pid 5067] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6480] <... chdir resumed>) = 0 [pid 6479] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 304.128752][ T6477] NILFS (loop5): recovery complete [pid 6480] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6479] <... symlink resumed>) = 0 [pid 5067] lstat("./116/file0", [pid 6480] <... prctl resumed>) = 0 [pid 6479] memfd_create("syzkaller", 0 [pid 6477] <... mount resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6480] setpgid(0, 0 [pid 6479] <... memfd_create resumed>) = 3 [pid 6477] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6480] <... setpgid resumed>) = 0 [pid 6479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6477] <... openat resumed>) = 3 [pid 6480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6479] <... mmap resumed>) = 0x7fc0314e0000 [pid 6477] chdir("./file0" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6480] <... openat resumed>) = 3 [pid 6478] <... write resumed>) = 2097152 [pid 6477] <... chdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6480] write(3, "1000", 4 [pid 6478] munmap(0x7fc0314e0000, 2097152 [pid 6477] ioctl(4, LOOP_CLR_FD [pid 5067] <... openat resumed>) = 4 [pid 6480] <... write resumed>) = 4 [pid 6478] <... munmap resumed>) = 0 [pid 6477] <... ioctl resumed>) = 0 [pid 5067] fstat(4, [pid 6480] close(3 [pid 6478] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6477] close(4 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6480] <... close resumed>) = 0 [pid 6478] <... openat resumed>) = 4 [pid 6477] <... close resumed>) = 0 [pid 5067] getdents64(4, [pid 6480] symlink("/dev/binderfs", "./binderfs" [pid 6478] ioctl(4, LOOP_SET_FD, 3 [ 304.179651][ T6481] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6477] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6480] <... symlink resumed>) = 0 [pid 6477] <... open resumed>) = 4 [pid 5067] getdents64(4, [pid 6480] memfd_create("syzkaller", 0 [pid 6477] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6480] <... memfd_create resumed>) = 3 [pid 6477] <... open resumed>) = 5 [pid 5067] close(4 [pid 6480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6477] ftruncate(5, 33587195 [pid 5067] <... close resumed>) = 0 [pid 6480] <... mmap resumed>) = 0x7fc0314e0000 [pid 6477] <... ftruncate resumed>) = 0 [pid 5067] rmdir("./116/file0" [pid 6480] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6479] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6477] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] getdents64(3, [pid 6478] <... ioctl resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./116" [pid 6478] close(3 [pid 5067] <... rmdir resumed>) = 0 [pid 6478] <... close resumed>) = 0 [pid 6474] <... sendfile resumed>) = 1048576 [pid 5067] mkdir("./117", 0777 [pid 6478] mkdir("./file0", 0777 [pid 6474] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6478] <... mkdir resumed>) = 0 [pid 6474] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] <... openat resumed>) = 3 [pid 6478] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6474] exit_group(0 [ 304.230486][ T6478] loop4: detected capacity change from 0 to 4096 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6474] <... exit_group resumed>) = ? [pid 5067] close(3 [pid 6474] +++ exited with 0 +++ [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6474, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6482 [pid 5065] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6479] <... write resumed>) = 2097152 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6482 attached [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6482] chdir("./117" [pid 6479] munmap(0x7fc0314e0000, 2097152 [pid 5065] lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./114/binderfs") = 0 [pid 5065] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6482] <... chdir resumed>) = 0 [pid 6479] <... munmap resumed>) = 0 [pid 6482] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6479] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6482] <... prctl resumed>) = 0 [pid 6479] <... openat resumed>) = 4 [pid 6482] setpgid(0, 0 [pid 6479] ioctl(4, LOOP_SET_FD, 3 [pid 6482] <... setpgid resumed>) = 0 [pid 6479] <... ioctl resumed>) = 0 [pid 6482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6479] close(3 [pid 6482] write(3, "1000", 4 [pid 6479] <... close resumed>) = 0 [pid 6482] <... write resumed>) = 4 [pid 6479] mkdir("./file0", 0777 [pid 6482] close(3 [pid 6479] <... mkdir resumed>) = 0 [pid 6482] <... close resumed>) = 0 [pid 6479] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6482] memfd_create("syzkaller", 0) = 3 [pid 6482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6480] <... write resumed>) = 2097152 [ 304.321177][ T6478] NILFS (loop4): invalid segment: Checksum error in segment payload [ 304.330343][ T6478] NILFS (loop4): trying rollback from an earlier position [ 304.355879][ T6479] loop0: detected capacity change from 0 to 4096 [pid 6480] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6480] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6480] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6480] close(3) = 0 [pid 6480] mkdir("./file0", 0777) = 0 [pid 6480] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6482] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6478] <... mount resumed>) = 0 [pid 6478] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6478] chdir("./file0") = 0 [pid 6478] ioctl(4, LOOP_CLR_FD) = 0 [ 304.409551][ T6479] NILFS (loop0): invalid segment: Checksum error in segment payload [ 304.416873][ T6480] loop2: detected capacity change from 0 to 4096 [ 304.425624][ T6478] NILFS (loop4): recovery complete [ 304.439656][ T6483] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6478] close(4) = 0 [pid 6478] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6478] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6478] ftruncate(5, 33587195 [pid 6482] <... write resumed>) = 2097152 [pid 6478] <... ftruncate resumed>) = 0 [ 304.465572][ T6479] NILFS (loop0): trying rollback from an earlier position [ 304.502696][ T6480] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6478] sendfile(4, 5, NULL, 281474978811909 [pid 6482] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5065] <... umount2 resumed>) = 0 [ 304.513020][ T6479] NILFS (loop0): recovery complete [pid 6482] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6479] <... mount resumed>) = 0 [pid 5065] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6482] ioctl(4, LOOP_SET_FD, 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6479] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] lstat("./114/file0", [pid 6479] <... openat resumed>) = 3 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6479] chdir("./file0" [pid 5065] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6482] <... ioctl resumed>) = 0 [pid 6479] <... chdir resumed>) = 0 [pid 6482] close(3 [pid 6479] ioctl(4, LOOP_CLR_FD [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6479] <... ioctl resumed>) = 0 [pid 6482] <... close resumed>) = 0 [pid 6479] close(4 [pid 5065] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6482] mkdir("./file0", 0777 [pid 6479] <... close resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 6482] <... mkdir resumed>) = 0 [pid 6479] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] fstat(4, [pid 6482] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6479] <... open resumed>) = 4 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 304.548491][ T6484] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 304.561459][ T6482] loop3: detected capacity change from 0 to 4096 [ 304.567830][ T6480] NILFS (loop2): trying rollback from an earlier position [pid 6479] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] getdents64(4, [pid 6479] <... open resumed>) = 5 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, [pid 6479] ftruncate(5, 33587195) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6479] sendfile(4, 5, NULL, 281474978811909 [pid 5065] close(4) = 0 [pid 5065] rmdir("./114/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./114") = 0 [pid 5065] mkdir("./115", 0777) = 0 [ 304.609666][ T6480] NILFS (loop2): recovery complete [ 304.627165][ T6482] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6480] <... mount resumed>) = 0 [pid 6480] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6480] chdir("./file0") = 0 [pid 6480] ioctl(4, LOOP_CLR_FD) = 0 [pid 6480] close(4) = 0 [pid 5065] <... openat resumed>) = 3 [pid 6480] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6480] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6480] ftruncate(5, 33587195 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6480] <... ftruncate resumed>) = 0 [pid 6480] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [ 304.668762][ T6485] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 304.680855][ T6482] NILFS (loop3): trying rollback from an earlier position [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6486 ./strace-static-x86_64: Process 6486 attached [pid 6486] chdir("./115") = 0 [pid 6486] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6486] setpgid(0, 0) = 0 [pid 6486] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6486] write(3, "1000", 4) = 4 [ 304.743437][ T6482] NILFS (loop3): recovery complete [pid 6486] close(3 [pid 6482] <... mount resumed>) = 0 [pid 6486] <... close resumed>) = 0 [pid 6482] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6486] symlink("/dev/binderfs", "./binderfs" [pid 6482] <... openat resumed>) = 3 [pid 6486] <... symlink resumed>) = 0 [pid 6482] chdir("./file0" [pid 6486] memfd_create("syzkaller", 0 [pid 6482] <... chdir resumed>) = 0 [pid 6482] ioctl(4, LOOP_CLR_FD [pid 6486] <... memfd_create resumed>) = 3 [pid 6486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6482] <... ioctl resumed>) = 0 [pid 6482] close(4 [pid 6486] <... mmap resumed>) = 0x7fc0314e0000 [pid 6482] <... close resumed>) = 0 [pid 6482] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 304.787288][ T6487] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6482] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6482] ftruncate(5, 33587195) = 0 [pid 6482] sendfile(4, 5, NULL, 281474978811909 [pid 6486] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6486] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6486] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6486] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6486] close(3) = 0 [pid 6486] mkdir("./file0", 0777) = 0 [ 305.034682][ T6486] loop1: detected capacity change from 0 to 4096 [ 305.139304][ T6486] NILFS (loop1): invalid segment: Checksum error in segment payload [ 305.163610][ T6486] NILFS (loop1): trying rollback from an earlier position [ 305.222462][ T6486] NILFS (loop1): recovery complete [pid 6486] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "") = 0 [pid 6486] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6486] chdir("./file0") = 0 [pid 6486] ioctl(4, LOOP_CLR_FD) = 0 [pid 6486] close(4) = 0 [pid 6486] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6486] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6486] ftruncate(5, 33587195) = 0 [ 305.244435][ T6488] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6486] sendfile(4, 5, NULL, 281474978811909 [pid 6477] <... sendfile resumed>) = 1048576 [pid 6477] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6477] exit_group(0) = ? [pid 6477] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6477, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./117/binderfs") = 0 [pid 5069] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5069] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./117/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./117") = 0 [pid 5069] mkdir("./118", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6489 attached [pid 6489] chdir("./118") = 0 [pid 6489] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6489] setpgid(0, 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6489 [pid 6489] <... setpgid resumed>) = 0 [pid 6489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6489] write(3, "1000", 4) = 4 [pid 6489] close(3) = 0 [pid 6489] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6489] memfd_create("syzkaller", 0) = 3 [pid 6489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6489] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6489] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6478] <... sendfile resumed>) = 1048576 [pid 6478] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6478] exit_group(0) = ? [pid 6478] +++ exited with 0 +++ [pid 6489] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6478, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6489] <... openat resumed>) = 4 [pid 5068] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6489] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 6489] <... ioctl resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6489] close(3 [pid 5068] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6489] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6489] mkdir("./file0", 0777 [pid 5068] lstat("./116/binderfs", [pid 6489] <... mkdir resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6489] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] unlink("./116/binderfs") = 0 [ 305.721400][ T6489] loop5: detected capacity change from 0 to 4096 [pid 5068] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6479] <... sendfile resumed>) = 1048576 [pid 6479] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6479] exit_group(0) = ? [pid 6479] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6479, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5064] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./115/binderfs") = 0 [pid 5064] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6480] <... sendfile resumed>) = 1048576 [pid 6480] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6480] exit_group(0) = ? [ 305.784441][ T6489] NILFS (loop5): invalid segment: Checksum error in segment payload [ 305.804319][ T6489] NILFS (loop5): trying rollback from an earlier position [pid 6480] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6480, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5066] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./115/binderfs") = 0 [pid 5066] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6489] <... mount resumed>) = 0 [pid 6489] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] <... umount2 resumed>) = 0 [pid 6489] chdir("./file0") = 0 [pid 6489] ioctl(4, LOOP_CLR_FD) = 0 [pid 6489] close(4) = 0 [ 305.877305][ T6489] NILFS (loop5): recovery complete [ 305.889332][ T6490] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6489] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6489] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6489] ftruncate(5, 33587195) = 0 [pid 5068] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6489] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./116/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./116") = 0 [pid 5068] mkdir("./117", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6482] <... sendfile resumed>) = 1048576 [pid 6482] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6482] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] close(3 [pid 6482] exit_group(0) = ? [pid 5068] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 6482] +++ exited with 0 +++ [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6482, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=28 /* 0.28 s */} --- [pid 5064] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./115/file0", [pid 5067] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./117/binderfs" [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6491 [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6491 attached ) = 4 [pid 6491] chdir("./117" [pid 5064] fstat(4, [pid 6491] <... chdir resumed>) = 0 [pid 6491] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6491] <... prctl resumed>) = 0 [pid 5064] getdents64(4, [pid 6491] setpgid(0, 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6491] <... setpgid resumed>) = 0 [pid 5064] getdents64(4, [pid 6491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6491] <... openat resumed>) = 3 [pid 5064] close(4 [pid 6491] write(3, "1000", 4 [pid 5064] <... close resumed>) = 0 [pid 6491] <... write resumed>) = 4 [pid 5064] rmdir("./115/file0" [pid 6491] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 6491] <... close resumed>) = 0 [pid 5064] getdents64(3, [pid 6491] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6491] <... symlink resumed>) = 0 [pid 5064] close(3 [pid 6491] memfd_create("syzkaller", 0 [pid 5064] <... close resumed>) = 0 [pid 6491] <... memfd_create resumed>) = 3 [pid 5064] rmdir("./115" [pid 6491] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... rmdir resumed>) = 0 [pid 6491] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] mkdir("./116", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6492 ./strace-static-x86_64: Process 6492 attached [pid 6492] chdir("./116") = 0 [pid 6492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6492] setpgid(0, 0) = 0 [pid 6492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6492] write(3, "1000", 4) = 4 [pid 6492] close(3 [pid 6491] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6492] <... close resumed>) = 0 [pid 6492] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6492] memfd_create("syzkaller", 0) = 3 [pid 6492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6492] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, [pid 5067] <... umount2 resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./115/file0" [pid 6491] <... write resumed>) = 2097152 [pid 5066] <... rmdir resumed>) = 0 [pid 6491] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6491] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] close(3 [pid 6491] <... openat resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 6491] ioctl(4, LOOP_SET_FD, 3 [pid 5066] rmdir("./115") = 0 [pid 5066] mkdir("./116", 0777 [pid 5067] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... mkdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./117/file0", [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5067] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5067] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... openat resumed>) = 4 [pid 5066] close(3 [pid 5067] fstat(4, [pid 5066] <... close resumed>) = 0 [pid 6492] <... write resumed>) = 2097152 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./117/file0" [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... rmdir resumed>) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 6491] <... ioctl resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6493 [pid 6491] close(3 [pid 5067] rmdir("./117" [pid 6491] <... close resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 6491] mkdir("./file0", 0777 [pid 5067] mkdir("./118", 0777 [pid 6491] <... mkdir resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 6492] munmap(0x7fc0314e0000, 2097152 [pid 6491] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 6493 attached [pid 6492] <... munmap resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 6492] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6493] chdir("./116" [pid 6492] <... openat resumed>) = 4 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6493] <... chdir resumed>) = 0 [pid 6492] ioctl(4, LOOP_SET_FD, 3 [pid 5067] close(3 [ 306.250742][ T6491] loop4: detected capacity change from 0 to 4096 [pid 6493] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... close resumed>) = 0 [pid 6493] <... prctl resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6493] setpgid(0, 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6494 ./strace-static-x86_64: Process 6494 attached [pid 6493] <... setpgid resumed>) = 0 [pid 6494] chdir("./118" [pid 6493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6494] <... chdir resumed>) = 0 [pid 6493] <... openat resumed>) = 3 [pid 6494] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6493] write(3, "1000", 4 [pid 6492] <... ioctl resumed>) = 0 [pid 6494] <... prctl resumed>) = 0 [pid 6493] <... write resumed>) = 4 [pid 6492] close(3 [pid 6494] setpgid(0, 0 [pid 6493] close(3 [pid 6492] <... close resumed>) = 0 [pid 6494] <... setpgid resumed>) = 0 [pid 6493] <... close resumed>) = 0 [pid 6492] mkdir("./file0", 0777 [pid 6494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6493] symlink("/dev/binderfs", "./binderfs" [pid 6492] <... mkdir resumed>) = 0 [ 306.294562][ T6492] loop0: detected capacity change from 0 to 4096 [pid 6494] <... openat resumed>) = 3 [pid 6493] <... symlink resumed>) = 0 [pid 6492] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6494] write(3, "1000", 4 [pid 6493] memfd_create("syzkaller", 0 [pid 6494] <... write resumed>) = 4 [pid 6493] <... memfd_create resumed>) = 3 [pid 6494] close(3 [pid 6493] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6494] <... close resumed>) = 0 [pid 6493] <... mmap resumed>) = 0x7fc0314e0000 [pid 6494] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6494] memfd_create("syzkaller", 0) = 3 [pid 6494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 306.363064][ T6491] NILFS (loop4): invalid segment: Checksum error in segment payload [ 306.387531][ T6492] NILFS (loop0): invalid segment: Checksum error in segment payload [ 306.400332][ T6491] NILFS (loop4): trying rollback from an earlier position [pid 6493] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6486] <... sendfile resumed>) = 1048576 [pid 6486] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6486] exit_group(0) = ? [pid 6494] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6486] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6486, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5065] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 306.408132][ T6492] NILFS (loop0): trying rollback from an earlier position [ 306.431500][ T6491] NILFS (loop4): recovery complete [ 306.449933][ T6492] NILFS (loop0): recovery complete [pid 5065] fstat(3, [pid 6492] <... mount resumed>) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6492] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] getdents64(3, [pid 6492] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6492] chdir("./file0" [pid 5065] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6492] <... chdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6492] ioctl(4, LOOP_CLR_FD [pid 5065] lstat("./115/binderfs", [pid 6492] <... ioctl resumed>) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6492] close(4 [pid 5065] unlink("./115/binderfs" [pid 6492] <... close resumed>) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 6492] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6492] <... open resumed>) = 4 [pid 6492] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6492] ftruncate(5, 33587195) = 0 [pid 6492] sendfile(4, 5, NULL, 281474978811909 [pid 6491] <... mount resumed>) = 0 [pid 6491] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6491] chdir("./file0") = 0 [pid 6491] ioctl(4, LOOP_CLR_FD) = 0 [pid 6491] close(4) = 0 [pid 6491] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6493] <... write resumed>) = 2097152 [pid 6491] <... open resumed>) = 4 [pid 6491] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6491] ftruncate(5, 33587195) = 0 [ 306.463682][ T6495] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 306.484660][ T6496] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6491] sendfile(4, 5, NULL, 281474978811909 [pid 6493] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6493] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6493] ioctl(4, LOOP_SET_FD, 3 [pid 6494] <... write resumed>) = 2097152 [pid 6494] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6494] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6493] <... ioctl resumed>) = 0 [pid 6493] close(3 [pid 6494] <... openat resumed>) = 4 [pid 6493] <... close resumed>) = 0 [pid 6494] ioctl(4, LOOP_SET_FD, 3 [ 306.577776][ T6493] loop2: detected capacity change from 0 to 4096 [pid 6493] mkdir("./file0", 0777) = 0 [pid 6493] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6494] <... ioctl resumed>) = 0 [pid 6494] close(3) = 0 [pid 6494] mkdir("./file0", 0777) = 0 [ 306.640196][ T6494] loop3: detected capacity change from 0 to 4096 [ 306.660361][ T6493] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6494] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./115/file0") = 0 [ 306.716051][ T6494] NILFS (loop3): invalid segment: Checksum error in segment payload [ 306.726886][ T6494] NILFS (loop3): trying rollback from an earlier position [ 306.744202][ T6493] NILFS (loop2): trying rollback from an earlier position [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./115") = 0 [pid 5065] mkdir("./116", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 306.793415][ T6494] NILFS (loop3): recovery complete [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6494] <... mount resumed>) = 0 [pid 5065] close(3 [pid 6494] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6494] <... openat resumed>) = 3 [pid 6494] chdir("./file0" [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6498 [pid 6494] <... chdir resumed>) = 0 [pid 6494] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 6498 attached ) = 0 [pid 6498] chdir("./116" [pid 6494] close(4) = 0 [pid 6498] <... chdir resumed>) = 0 [pid 6494] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6498] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6494] <... open resumed>) = 4 [pid 6498] <... prctl resumed>) = 0 [pid 6494] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6498] setpgid(0, 0 [pid 6494] <... open resumed>) = 5 [pid 6494] ftruncate(5, 33587195 [pid 6498] <... setpgid resumed>) = 0 [pid 6498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6494] <... ftruncate resumed>) = 0 [pid 6498] <... openat resumed>) = 3 [ 306.836165][ T6497] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 306.866529][ T6493] NILFS (loop2): recovery complete [pid 6494] sendfile(4, 5, NULL, 281474978811909 [pid 6493] <... mount resumed>) = 0 [pid 6498] write(3, "1000", 4 [pid 6493] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6498] <... write resumed>) = 4 [pid 6493] <... openat resumed>) = 3 [pid 6498] close(3 [pid 6493] chdir("./file0") = 0 [pid 6498] <... close resumed>) = 0 [pid 6498] symlink("/dev/binderfs", "./binderfs" [pid 6493] ioctl(4, LOOP_CLR_FD [pid 6498] <... symlink resumed>) = 0 [pid 6493] <... ioctl resumed>) = 0 [pid 6493] close(4 [pid 6498] memfd_create("syzkaller", 0) = 3 [pid 6493] <... close resumed>) = 0 [pid 6498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6493] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6498] <... mmap resumed>) = 0x7fc0314e0000 [pid 6493] <... open resumed>) = 4 [pid 6493] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6493] ftruncate(5, 33587195) = 0 [ 306.906557][ T6499] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6493] sendfile(4, 5, NULL, 281474978811909 [pid 6498] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6498] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6498] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6498] ioctl(4, LOOP_SET_FD, 3 [pid 6489] <... sendfile resumed>) = 1048576 [pid 6489] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6498] <... ioctl resumed>) = 0 [pid 6489] <... open resumed>) = -1 EFAULT (Bad address) [pid 6498] close(3 [pid 6489] exit_group(0 [pid 6498] <... close resumed>) = 0 [pid 6489] <... exit_group resumed>) = ? [pid 6498] mkdir("./file0", 0777 [pid 6489] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6489, si_uid=0, si_status=0, si_utime=0, si_stime=34 /* 0.34 s */} --- [pid 6498] <... mkdir resumed>) = 0 [pid 6498] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./118/binderfs") = 0 [ 307.170132][ T6498] loop1: detected capacity change from 0 to 4096 [ 307.236763][ T6498] NILFS (loop1): invalid segment: Checksum error in segment payload [ 307.244834][ T6498] NILFS (loop1): trying rollback from an earlier position [pid 5069] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6498] <... mount resumed>) = 0 [pid 6498] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6498] chdir("./file0") = 0 [pid 6498] ioctl(4, LOOP_CLR_FD) = 0 [pid 6498] close(4) = 0 [pid 6498] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6498] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6498] ftruncate(5, 33587195) = 0 [ 307.349296][ T6498] NILFS (loop1): recovery complete [ 307.366434][ T6500] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6498] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 6491] <... sendfile resumed>) = 1048576 [pid 6491] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6491] exit_group(0) = ? [pid 6491] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6491, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5068] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] <... openat resumed>) = 3 [pid 5069] lstat("./118/file0", [pid 5068] fstat(3, [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] fstat(4, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] lstat("./117/binderfs", [pid 5069] getdents64(4, [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] unlink("./117/binderfs" [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5069] close(4 [pid 5068] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./118/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./118") = 0 [pid 5069] mkdir("./119", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6501 ./strace-static-x86_64: Process 6501 attached [pid 6501] chdir("./119") = 0 [pid 6501] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6501] setpgid(0, 0) = 0 [pid 6501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6501] write(3, "1000", 4) = 4 [pid 6501] close(3) = 0 [pid 6501] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6501] memfd_create("syzkaller", 0) = 3 [pid 6501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6492] <... sendfile resumed>) = 1048576 [pid 6492] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6492] exit_group(0) = ? [pid 6492] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6492, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./116/binderfs") = 0 [pid 5064] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6501] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./117/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./117") = 0 [pid 5068] mkdir("./118", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6501] <... write resumed>) = 2097152 [pid 5068] close(3 [pid 6501] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... close resumed>) = 0 [pid 6501] <... munmap resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6501] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6501] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6502 ./strace-static-x86_64: Process 6502 attached [pid 6502] chdir("./118") = 0 [pid 6502] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6502] setpgid(0, 0) = 0 [pid 6502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6502] write(3, "1000", 4 [pid 6501] close(3) = 0 [pid 6501] mkdir("./file0", 0777) = 0 [pid 6501] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6502] <... write resumed>) = 4 [pid 6502] close(3) = 0 [pid 6502] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5064] <... umount2 resumed>) = 0 [ 307.827354][ T6501] loop5: detected capacity change from 0 to 4096 [pid 6502] memfd_create("syzkaller", 0) = 3 [pid 5064] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6502] <... mmap resumed>) = 0x7fc0314e0000 [ 307.883479][ T6501] NILFS (loop5): invalid segment: Checksum error in segment payload [ 307.907149][ T6501] NILFS (loop5): trying rollback from an earlier position [pid 5064] lstat("./116/file0", [pid 6501] <... mount resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6501] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6501] <... openat resumed>) = 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6494] <... sendfile resumed>) = 1048576 [pid 5064] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6501] chdir("./file0" [pid 6494] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5064] <... openat resumed>) = 4 [pid 6501] <... chdir resumed>) = 0 [pid 6494] <... open resumed>) = -1 EFAULT (Bad address) [pid 6501] ioctl(4, LOOP_CLR_FD [pid 5064] fstat(4, [pid 6501] <... ioctl resumed>) = 0 [pid 6494] exit_group(0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6501] close(4 [pid 6494] <... exit_group resumed>) = ? [pid 5064] getdents64(4, [pid 6502] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6501] <... close resumed>) = 0 [pid 6494] +++ exited with 0 +++ [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6501] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6501] <... open resumed>) = 4 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6494, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5064] close(4 [pid 6501] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5064] <... close resumed>) = 0 [pid 6501] <... open resumed>) = 5 [pid 5067] <... restart_syscall resumed>) = 0 [pid 5064] rmdir("./116/file0" [pid 6501] ftruncate(5, 33587195 [pid 5064] <... rmdir resumed>) = 0 [pid 6501] <... ftruncate resumed>) = 0 [pid 5064] getdents64(3, [pid 6501] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 5067] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./116" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... rmdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] mkdir("./117", 0777 [pid 5067] <... openat resumed>) = 3 [pid 5064] <... mkdir resumed>) = 0 [pid 5067] fstat(3, [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5067] getdents64(3, [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] close(3 [pid 5067] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] lstat("./118/binderfs", [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6504 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 307.937079][ T6501] NILFS (loop5): recovery complete [ 307.956296][ T6503] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] unlink("./118/binderfs") = 0 [pid 5067] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6504 attached [pid 6504] chdir("./117") = 0 [pid 6504] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6504] setpgid(0, 0) = 0 [pid 6504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6502] <... write resumed>) = 2097152 [pid 6504] write(3, "1000", 4) = 4 [pid 6504] close(3) = 0 [pid 6504] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6504] memfd_create("syzkaller", 0) = 3 [pid 6504] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6502] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6502] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6502] ioctl(4, LOOP_SET_FD, 3 [pid 6504] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6502] <... ioctl resumed>) = 0 [pid 6502] close(3) = 0 [pid 6502] mkdir("./file0", 0777) = 0 [ 308.095840][ T6502] loop4: detected capacity change from 0 to 4096 [pid 6502] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6504] <... write resumed>) = 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 6504] munmap(0x7fc0314e0000, 2097152 [pid 5067] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6504] <... munmap resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6504] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] lstat("./118/file0", [pid 6504] <... openat resumed>) = 4 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6504] ioctl(4, LOOP_SET_FD, 3 [pid 5067] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6493] <... sendfile resumed>) = 1048576 [pid 5067] <... openat resumed>) = 4 [pid 6493] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] fstat(4, [pid 6493] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6493] exit_group(0 [pid 5067] getdents64(4, [pid 6493] <... exit_group resumed>) = ? [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6493] +++ exited with 0 +++ [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6504] <... ioctl resumed>) = 0 [pid 5067] close(4 [pid 6504] close(3 [pid 5067] <... close resumed>) = 0 [pid 6504] <... close resumed>) = 0 [pid 5067] rmdir("./118/file0" [pid 6504] mkdir("./file0", 0777 [pid 5067] <... rmdir resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6493, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 6504] <... mkdir resumed>) = 0 [pid 5067] getdents64(3, [pid 5066] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6504] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] close(3) = 0 [pid 5067] rmdir("./118") = 0 [ 308.191449][ T6502] NILFS (loop4): invalid segment: Checksum error in segment payload [ 308.197794][ T6504] loop0: detected capacity change from 0 to 4096 [ 308.220381][ T6502] NILFS (loop4): trying rollback from an earlier position [pid 5066] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] mkdir("./119", 0777) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] fstat(3, [pid 6502] <... mount resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6502] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] close(3 [pid 6502] <... openat resumed>) = 3 [pid 5067] <... close resumed>) = 0 [pid 5066] getdents64(3, [pid 6502] chdir("./file0" [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6502] <... chdir resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6506 [pid 6502] ioctl(4, LOOP_CLR_FD [pid 5066] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6506 attached [pid 6506] chdir("./119" [pid 6502] <... ioctl resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 308.264588][ T6502] NILFS (loop4): recovery complete [ 308.279714][ T6505] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 308.291007][ T6504] NILFS (loop0): invalid segment: Checksum error in segment payload [ 308.299866][ T6504] NILFS (loop0): trying rollback from an earlier position [pid 6506] <... chdir resumed>) = 0 [pid 6502] close(4 [pid 5066] lstat("./116/binderfs", [pid 6506] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6502] <... close resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6506] <... prctl resumed>) = 0 [pid 6502] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] unlink("./116/binderfs" [pid 6506] setpgid(0, 0 [pid 6502] <... open resumed>) = 4 [pid 6506] <... setpgid resumed>) = 0 [pid 6502] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... unlink resumed>) = 0 [pid 6504] <... mount resumed>) = 0 [pid 6506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6506] write(3, "1000", 4) = 4 [pid 6506] close(3) = 0 [ 308.327749][ T6504] NILFS (loop0): recovery complete [pid 6506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6506] memfd_create("syzkaller", 0) = 3 [pid 6506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6502] <... open resumed>) = 5 [pid 5066] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6506] <... mmap resumed>) = 0x7fc0314e0000 [pid 6502] ftruncate(5, 33587195 [pid 6504] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6502] <... ftruncate resumed>) = 0 [pid 6504] chdir("./file0" [pid 6502] sendfile(4, 5, NULL, 281474978811909 [pid 6504] <... chdir resumed>) = 0 [pid 6504] ioctl(4, LOOP_CLR_FD) = 0 [pid 6504] close(4) = 0 [ 308.356331][ T6507] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6504] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6504] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6504] ftruncate(5, 33587195) = 0 [pid 6504] sendfile(4, 5, NULL, 281474978811909 [pid 6506] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6498] <... sendfile resumed>) = 1048576 [pid 6498] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6498] exit_group(0) = ? [pid 6498] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6498, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./116/binderfs") = 0 [pid 5065] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6506] <... write resumed>) = 2097152 [pid 6506] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6506] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6506] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6506] close(3) = 0 [pid 6506] mkdir("./file0", 0777) = 0 [pid 6506] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 308.564759][ T6506] loop3: detected capacity change from 0 to 4096 [pid 5066] lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./116/file0") = 0 [ 308.636470][ T6506] NILFS (loop3): invalid segment: Checksum error in segment payload [ 308.644540][ T6506] NILFS (loop3): trying rollback from an earlier position [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./116") = 0 [pid 5066] mkdir("./117", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6508 [pid 5065] lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./116/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 ./strace-static-x86_64: Process 6508 attached [pid 5065] rmdir("./116" [pid 6508] chdir("./117" [pid 6506] <... mount resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 6506] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] mkdir("./117", 0777 [pid 6508] <... chdir resumed>) = 0 [pid 6506] <... openat resumed>) = 3 [pid 5065] <... mkdir resumed>) = 0 [pid 6506] chdir("./file0" [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6508] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6506] <... chdir resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 6508] <... prctl resumed>) = 0 [pid 6506] ioctl(4, LOOP_CLR_FD [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6506] <... ioctl resumed>) = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6506] close(4 [pid 5065] close(3 [pid 6506] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6506] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6508] setpgid(0, 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6510 ./strace-static-x86_64: Process 6510 attached [pid 6510] chdir("./117" [pid 6508] <... setpgid resumed>) = 0 [pid 6506] <... open resumed>) = 4 [pid 6510] <... chdir resumed>) = 0 [pid 6508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6506] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6510] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6508] <... openat resumed>) = 3 [pid 6506] <... open resumed>) = 5 [pid 6510] <... prctl resumed>) = 0 [pid 6508] write(3, "1000", 4 [pid 6506] ftruncate(5, 33587195) = 0 [ 308.774572][ T6506] NILFS (loop3): recovery complete [ 308.793167][ T6509] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6510] setpgid(0, 0 [pid 6508] <... write resumed>) = 4 [pid 6506] sendfile(4, 5, NULL, 281474978811909 [pid 6510] <... setpgid resumed>) = 0 [pid 6508] close(3) = 0 [pid 6508] symlink("/dev/binderfs", "./binderfs" [pid 6510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6508] <... symlink resumed>) = 0 [pid 6510] <... openat resumed>) = 3 [pid 6508] memfd_create("syzkaller", 0 [pid 6510] write(3, "1000", 4 [pid 6508] <... memfd_create resumed>) = 3 [pid 6510] <... write resumed>) = 4 [pid 6508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6510] close(3 [pid 6508] <... mmap resumed>) = 0x7fc0314e0000 [pid 6510] <... close resumed>) = 0 [pid 6510] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6510] memfd_create("syzkaller", 0) = 3 [pid 6510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6508] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6508] <... write resumed>) = 2097152 [pid 6508] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6508] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6508] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6508] close(3) = 0 [pid 6508] mkdir("./file0", 0777) = 0 [pid 6508] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6501] <... sendfile resumed>) = 1048576 [ 309.042001][ T6508] loop2: detected capacity change from 0 to 4096 [pid 6501] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6510] <... write resumed>) = 2097152 [pid 6501] exit_group(0) = ? [pid 6510] munmap(0x7fc0314e0000, 2097152 [pid 6501] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6501, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6510] <... munmap resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6510] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] unlink("./119/binderfs" [pid 6510] <... openat resumed>) = 4 [pid 5069] <... unlink resumed>) = 0 [pid 6510] ioctl(4, LOOP_SET_FD, 3 [ 309.090086][ T6508] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5069] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6510] <... ioctl resumed>) = 0 [pid 6510] close(3) = 0 [pid 6510] mkdir("./file0", 0777) = 0 [ 309.144365][ T6510] loop1: detected capacity change from 0 to 4096 [ 309.153120][ T6508] NILFS (loop2): trying rollback from an earlier position [pid 6510] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6508] <... mount resumed>) = 0 [pid 6508] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 309.224360][ T6510] NILFS (loop1): invalid segment: Checksum error in segment payload [ 309.233734][ T6510] NILFS (loop1): trying rollback from an earlier position [ 309.245569][ T6508] NILFS (loop2): recovery complete [pid 6508] chdir("./file0") = 0 [pid 6508] ioctl(4, LOOP_CLR_FD) = 0 [pid 6508] close(4) = 0 [pid 6508] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6508] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 309.267949][ T6511] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6508] ftruncate(5, 33587195) = 0 [pid 6508] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6504] <... sendfile resumed>) = 1048576 [pid 5069] fstat(4, [ 309.370815][ T6510] NILFS (loop1): recovery complete [pid 6504] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6504] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] getdents64(4, [pid 6510] <... mount resumed>) = 0 [pid 6510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6504] exit_group(0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6510] <... openat resumed>) = 3 [pid 6504] <... exit_group resumed>) = ? [pid 5069] getdents64(4, [pid 6510] chdir("./file0") = 0 [pid 6504] +++ exited with 0 +++ [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6510] ioctl(4, LOOP_CLR_FD [pid 5069] close(4 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6504, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6510] <... ioctl resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 6510] close(4 [pid 5069] rmdir("./119/file0" [pid 6510] <... close resumed>) = 0 [pid 6510] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... rmdir resumed>) = 0 [pid 6510] <... open resumed>) = 4 [pid 5069] getdents64(3, [pid 6510] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6510] <... open resumed>) = 5 [pid 5069] close(3 [pid 5064] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6510] ftruncate(5, 33587195 [pid 5069] <... close resumed>) = 0 [pid 6510] <... ftruncate resumed>) = 0 [ 309.421948][ T6512] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6510] sendfile(4, 5, NULL, 281474978811909 [pid 5069] rmdir("./119" [pid 5064] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5069] mkdir("./120", 0777 [pid 5064] fstat(3, [pid 5069] <... mkdir resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6502] <... sendfile resumed>) = 1048576 [pid 5069] <... openat resumed>) = 3 [pid 5064] getdents64(3, [pid 6502] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6502] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] close(3 [pid 5064] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6502] exit_group(0 [pid 5069] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6502] <... exit_group resumed>) = ? [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6502] +++ exited with 0 +++ [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6513 [pid 5064] unlink("./117/binderfs" [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6502, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5064] <... unlink resumed>) = 0 [pid 5064] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6513 attached [pid 5068] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6513] chdir("./120" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] <... chdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6513] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... openat resumed>) = 3 [pid 6513] <... prctl resumed>) = 0 [pid 5068] fstat(3, [pid 6513] setpgid(0, 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6513] <... setpgid resumed>) = 0 [pid 5068] getdents64(3, [pid 6513] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6513] <... openat resumed>) = 3 [pid 5068] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6513] write(3, "1000", 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] <... write resumed>) = 4 [pid 5068] lstat("./118/binderfs", [pid 6513] close(3 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6513] <... close resumed>) = 0 [pid 5068] unlink("./118/binderfs" [pid 6513] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... unlink resumed>) = 0 [pid 6513] <... symlink resumed>) = 0 [pid 5068] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6513] memfd_create("syzkaller", 0) = 3 [pid 6513] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6513] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 6513] <... write resumed>) = 2097152 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./117/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 6513] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6513] <... munmap resumed>) = 0 [pid 5064] rmdir("./117" [pid 6513] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5064] <... rmdir resumed>) = 0 [pid 6513] ioctl(4, LOOP_SET_FD, 3 [pid 5064] mkdir("./118", 0777 [pid 5068] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6513] <... ioctl resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6513] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] <... close resumed>) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6514 [pid 6513] mkdir("./file0", 0777) = 0 [pid 5068] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6513] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6514 attached [pid 5068] <... openat resumed>) = 4 [pid 6514] chdir("./118" [pid 5068] fstat(4, [pid 6514] <... chdir resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 309.778630][ T6513] loop5: detected capacity change from 0 to 4096 [pid 6514] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] getdents64(4, [pid 6514] <... prctl resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6514] setpgid(0, 0 [pid 5068] getdents64(4, [pid 6514] <... setpgid resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] close(4 [pid 6514] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 6514] write(3, "1000", 4 [pid 5068] rmdir("./118/file0" [pid 6514] <... write resumed>) = 4 [pid 5068] <... rmdir resumed>) = 0 [pid 6514] close(3 [pid 5068] getdents64(3, [pid 6514] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6514] symlink("/dev/binderfs", "./binderfs" [pid 5068] close(3 [pid 6514] <... symlink resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6514] memfd_create("syzkaller", 0 [pid 5068] rmdir("./118" [pid 6514] <... memfd_create resumed>) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 6506] <... sendfile resumed>) = 1048576 [pid 6514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6506] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] mkdir("./119", 0777 [pid 6514] <... mmap resumed>) = 0x7fc0314e0000 [pid 6506] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6506] exit_group(0 [ 309.870099][ T6513] NILFS (loop5): invalid segment: Checksum error in segment payload [ 309.879067][ T6513] NILFS (loop5): trying rollback from an earlier position [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6513] <... mount resumed>) = 0 [pid 6506] <... exit_group resumed>) = ? [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 6513] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6506] +++ exited with 0 +++ [pid 5068] <... close resumed>) = 0 [pid 6514] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6513] <... openat resumed>) = 3 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6513] chdir("./file0" [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6506, si_uid=0, si_status=0, si_utime=0, si_stime=32 /* 0.32 s */} --- [pid 6513] <... chdir resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6516 [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 ./strace-static-x86_64: Process 6516 attached [pid 5067] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6516] chdir("./119" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6516] <... chdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6516] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... openat resumed>) = 3 [pid 6516] <... prctl resumed>) = 0 [pid 5067] fstat(3, [pid 6516] setpgid(0, 0 [pid 6513] ioctl(4, LOOP_CLR_FD [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6516] <... setpgid resumed>) = 0 [pid 6513] <... ioctl resumed>) = 0 [pid 5067] getdents64(3, [pid 6516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 309.912852][ T6513] NILFS (loop5): recovery complete [ 309.921268][ T6515] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6513] close(4 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6516] <... openat resumed>) = 3 [pid 6513] <... close resumed>) = 0 [pid 5067] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6516] write(3, "1000", 4 [pid 6513] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6516] <... write resumed>) = 4 [pid 5067] lstat("./119/binderfs", [pid 6516] close(3 [pid 6513] <... open resumed>) = 4 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6516] <... close resumed>) = 0 [pid 6513] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] unlink("./119/binderfs" [pid 6516] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... unlink resumed>) = 0 [pid 6516] <... symlink resumed>) = 0 [pid 5067] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6516] memfd_create("syzkaller", 0 [pid 6513] <... open resumed>) = 5 [pid 6516] <... memfd_create resumed>) = 3 [pid 6516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6513] ftruncate(5, 33587195) = 0 [pid 6513] sendfile(4, 5, NULL, 281474978811909 [pid 6516] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6514] <... write resumed>) = 2097152 [pid 6514] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6514] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6514] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6514] close(3) = 0 [pid 6514] mkdir("./file0", 0777) = 0 [pid 6514] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6516] <... write resumed>) = 2097152 [pid 6516] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6516] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 310.119500][ T6514] loop0: detected capacity change from 0 to 4096 [pid 6516] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6516] close(3) = 0 [pid 6516] mkdir("./file0", 0777) = 0 [ 310.193187][ T6514] NILFS (loop0): invalid segment: Checksum error in segment payload [ 310.201834][ T6516] loop4: detected capacity change from 0 to 4096 [ 310.230091][ T6514] NILFS (loop0): trying rollback from an earlier position [pid 6516] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 310.259723][ T6516] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5067] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6510] <... sendfile resumed>) = 1048576 [pid 5067] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6510] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... openat resumed>) = 4 [pid 6510] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] fstat(4, [pid 6508] <... sendfile resumed>) = 1048576 [pid 6510] exit_group(0) = ? [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./119/file0") = 0 [pid 5067] getdents64(3, [pid 6510] +++ exited with 0 +++ [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6514] <... mount resumed>) = 0 [pid 5067] close(3 [pid 6514] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6508] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... close resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6510, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 6514] <... openat resumed>) = 3 [pid 6508] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6508] exit_group(0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6508] <... exit_group resumed>) = ? [pid 5065] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6508] +++ exited with 0 +++ [pid 5065] <... openat resumed>) = 3 [pid 6514] chdir("./file0" [pid 5067] rmdir("./119" [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6508, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5065] fstat(3, [pid 6514] <... chdir resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6514] ioctl(4, LOOP_CLR_FD [pid 5067] mkdir("./120", 0777 [pid 5065] getdents64(3, [pid 6514] <... ioctl resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6514] close(4 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6514] <... close resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 3 [pid 6514] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./117/binderfs", [pid 6514] <... open resumed>) = 4 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6514] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] close(3 [pid 5066] <... openat resumed>) = 3 [pid 5065] unlink("./117/binderfs") = 0 [pid 6514] <... open resumed>) = 5 [ 310.333183][ T6516] NILFS (loop4): trying rollback from an earlier position [ 310.345984][ T6514] NILFS (loop0): recovery complete [ 310.370128][ T6517] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] <... close resumed>) = 0 [pid 5066] fstat(3, [pid 5065] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6514] ftruncate(5, 33587195 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6514] <... ftruncate resumed>) = 0 [pid 5066] getdents64(3, [pid 6514] sendfile(4, 5, NULL, 281474978811909 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./117/binderfs", [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6518 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./117/binderfs") = 0 [ 310.408069][ T6516] NILFS (loop4): recovery complete [pid 5066] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6516] <... mount resumed>) = 0 [pid 6516] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6516] chdir("./file0") = 0 [pid 6516] ioctl(4, LOOP_CLR_FD) = 0 [pid 6516] close(4) = 0 [pid 6516] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6516] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000./strace-static-x86_64: Process 6518 attached ) = 5 [pid 6516] ftruncate(5, 33587195 [pid 6518] chdir("./120" [pid 6516] <... ftruncate resumed>) = 0 [pid 6518] <... chdir resumed>) = 0 [pid 6516] sendfile(4, 5, NULL, 281474978811909 [pid 6518] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6518] setpgid(0, 0) = 0 [pid 6518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6518] write(3, "1000", 4) = 4 [pid 6518] close(3) = 0 [pid 6518] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6518] memfd_create("syzkaller", 0) = 3 [pid 6518] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 310.486091][ T6519] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, [pid 6518] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./117/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./117") = 0 [pid 5065] mkdir("./118", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6520 ./strace-static-x86_64: Process 6520 attached [pid 6520] chdir("./118") = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 6520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6520] setpgid(0, 0) = 0 [pid 6520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6520] write(3, "1000", 4) = 4 [pid 6520] close(3) = 0 [pid 6520] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6520] memfd_create("syzkaller", 0) = 3 [pid 6520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6520] <... mmap resumed>) = 0x7fc0314e0000 [pid 6518] <... write resumed>) = 2097152 [pid 6518] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6518] <... munmap resumed>) = 0 [pid 5066] lstat("./117/file0", [pid 6518] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6518] <... openat resumed>) = 4 [pid 5066] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6518] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... openat resumed>) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6518] <... ioctl resumed>) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./117/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./117") = 0 [pid 5066] mkdir("./118", 0777 [pid 6520] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6518] close(3 [pid 5066] <... mkdir resumed>) = 0 [pid 6518] <... close resumed>) = 0 [pid 6518] mkdir("./file0", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 310.778962][ T6518] loop3: detected capacity change from 0 to 4096 [pid 6518] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6521 ./strace-static-x86_64: Process 6521 attached [pid 6521] chdir("./118") = 0 [pid 6521] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6521] setpgid(0, 0) = 0 [pid 6520] <... write resumed>) = 2097152 [pid 6521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6520] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6520] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6520] ioctl(4, LOOP_SET_FD, 3 [pid 6521] <... openat resumed>) = 3 [ 310.851167][ T6518] NILFS (loop3): invalid segment: Checksum error in segment payload [ 310.870106][ T6518] NILFS (loop3): trying rollback from an earlier position [pid 6521] write(3, "1000", 4) = 4 [pid 6521] close(3) = 0 [pid 6521] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6521] memfd_create("syzkaller", 0) = 3 [pid 6521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6520] <... ioctl resumed>) = 0 [pid 6520] close(3 [pid 6521] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6520] <... close resumed>) = 0 [pid 6520] mkdir("./file0", 0777 [pid 6513] <... sendfile resumed>) = 1048576 [pid 6520] <... mkdir resumed>) = 0 [ 310.919919][ T6520] loop1: detected capacity change from 0 to 4096 [pid 6513] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6520] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6513] <... open resumed>) = -1 EFAULT (Bad address) [pid 6513] exit_group(0) = ? [pid 6513] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6513, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./120/binderfs") = 0 [ 310.970813][ T6518] NILFS (loop3): recovery complete [pid 5069] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6518] <... mount resumed>) = 0 [pid 6518] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6521] <... write resumed>) = 2097152 [pid 6518] chdir("./file0") = 0 [ 311.010892][ T6520] NILFS (loop1): invalid segment: Checksum error in segment payload [ 311.041673][ T6522] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6518] ioctl(4, LOOP_CLR_FD) = 0 [pid 6518] close(4) = 0 [pid 6521] munmap(0x7fc0314e0000, 2097152 [pid 6518] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6518] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6518] ftruncate(5, 33587195) = 0 [pid 6518] sendfile(4, 5, NULL, 281474978811909 [pid 6521] <... munmap resumed>) = 0 [pid 6521] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 311.065083][ T6520] NILFS (loop1): trying rollback from an earlier position [pid 6521] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6521] close(3) = 0 [pid 6521] mkdir("./file0", 0777) = 0 [ 311.112319][ T6521] loop2: detected capacity change from 0 to 4096 [ 311.162450][ T6520] NILFS (loop1): recovery complete [pid 6521] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6520] <... mount resumed>) = 0 [pid 6520] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6520] chdir("./file0") = 0 [pid 6520] ioctl(4, LOOP_CLR_FD) = 0 [pid 6520] close(4) = 0 [pid 6520] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6520] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6520] ftruncate(5, 33587195) = 0 [pid 6520] sendfile(4, 5, NULL, 281474978811909 [ 311.192856][ T6523] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 311.224008][ T6521] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./120/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [ 311.264991][ T6521] NILFS (loop2): trying rollback from an earlier position [pid 5069] close(3) = 0 [pid 5069] rmdir("./120") = 0 [pid 5069] mkdir("./121", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6524 ./strace-static-x86_64: Process 6524 attached [pid 6524] chdir("./121") = 0 [pid 6524] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6524] setpgid(0, 0) = 0 [pid 6524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6524] write(3, "1000", 4 [pid 6514] <... sendfile resumed>) = 1048576 [pid 6524] <... write resumed>) = 4 [pid 6514] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6524] close(3 [pid 6514] <... open resumed>) = -1 EFAULT (Bad address) [pid 6524] <... close resumed>) = 0 [pid 6514] exit_group(0 [pid 6524] symlink("/dev/binderfs", "./binderfs" [pid 6514] <... exit_group resumed>) = ? [pid 6524] <... symlink resumed>) = 0 [pid 6524] memfd_create("syzkaller", 0) = 3 [ 311.376234][ T6521] NILFS (loop2): recovery complete [pid 6524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6514] +++ exited with 0 +++ [pid 6524] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6514, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6521] <... mount resumed>) = 0 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6521] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] <... restart_syscall resumed>) = 0 [pid 6521] <... openat resumed>) = 3 [pid 6521] chdir("./file0") = 0 [pid 5064] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6521] ioctl(4, LOOP_CLR_FD [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6521] <... ioctl resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6521] close(4 [pid 5064] <... openat resumed>) = 3 [pid 6521] <... close resumed>) = 0 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6521] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6521] <... open resumed>) = 4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6521] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] lstat("./118/binderfs", [pid 6521] <... open resumed>) = 5 [ 311.437609][ T6525] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6521] ftruncate(5, 33587195 [pid 5064] unlink("./118/binderfs" [pid 6521] <... ftruncate resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 6521] sendfile(4, 5, NULL, 281474978811909 [pid 5064] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6516] <... sendfile resumed>) = 1048576 [pid 6516] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6516] exit_group(0) = ? [pid 6516] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6516, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5068] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./119/binderfs") = 0 [pid 5068] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6524] <... write resumed>) = 2097152 [pid 5064] <... umount2 resumed>) = 0 [pid 6524] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6524] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6524] ioctl(4, LOOP_SET_FD, 3 [pid 5064] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6524] <... ioctl resumed>) = 0 [pid 6524] close(3) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6524] mkdir("./file0", 0777 [pid 5064] lstat("./118/file0", [pid 6524] <... mkdir resumed>) = 0 [pid 6524] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 311.663713][ T6524] loop5: detected capacity change from 0 to 4096 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./118/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./118") = 0 [pid 5064] mkdir("./119", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 311.755314][ T6524] NILFS (loop5): invalid segment: Checksum error in segment payload [ 311.785810][ T6524] NILFS (loop5): trying rollback from an earlier position [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./119/file0", [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6526 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 6526 attached [pid 5068] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6526] chdir("./119" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6526] <... chdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6526] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... openat resumed>) = 4 [pid 6526] <... prctl resumed>) = 0 [pid 5068] fstat(4, [ 311.856074][ T6524] NILFS (loop5): recovery complete [pid 6526] setpgid(0, 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6526] <... setpgid resumed>) = 0 [pid 6524] <... mount resumed>) = 0 [pid 5068] getdents64(4, [pid 6526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6526] <... openat resumed>) = 3 [pid 6524] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] getdents64(4, [pid 6526] write(3, "1000", 4 [pid 6524] <... openat resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6526] <... write resumed>) = 4 [pid 6524] chdir("./file0" [pid 5068] close(4 [pid 6526] close(3 [pid 6524] <... chdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6526] <... close resumed>) = 0 [pid 6524] ioctl(4, LOOP_CLR_FD [pid 5068] rmdir("./119/file0" [pid 6526] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... rmdir resumed>) = 0 [pid 6526] <... symlink resumed>) = 0 [pid 6524] <... ioctl resumed>) = 0 [pid 5068] getdents64(3, [pid 6526] memfd_create("syzkaller", 0 [pid 6524] close(4 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6526] <... memfd_create resumed>) = 3 [pid 6524] <... close resumed>) = 0 [pid 5068] close(3 [pid 6526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... close resumed>) = 0 [pid 6526] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] rmdir("./119" [ 311.903450][ T6527] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6524] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... rmdir resumed>) = 0 [pid 6526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] mkdir("./120", 0777 [pid 6524] <... open resumed>) = 4 [pid 5068] <... mkdir resumed>) = 0 [pid 6524] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6524] <... open resumed>) = 5 [pid 5068] <... openat resumed>) = 3 [pid 6524] ftruncate(5, 33587195 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6524] <... ftruncate resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 6524] sendfile(4, 5, NULL, 281474978811909 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6528 ./strace-static-x86_64: Process 6528 attached [pid 6528] chdir("./120") = 0 [pid 6528] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6528] setpgid(0, 0) = 0 [pid 6528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6528] write(3, "1000", 4) = 4 [pid 6528] close(3) = 0 [pid 6528] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6528] memfd_create("syzkaller", 0) = 3 [pid 6528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6528] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6526] <... write resumed>) = 2097152 [pid 6528] munmap(0x7fc0314e0000, 2097152 [pid 6526] munmap(0x7fc0314e0000, 2097152 [pid 6528] <... munmap resumed>) = 0 [pid 6526] <... munmap resumed>) = 0 [pid 6528] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6526] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6528] <... openat resumed>) = 4 [pid 6526] <... openat resumed>) = 4 [pid 6528] ioctl(4, LOOP_SET_FD, 3 [pid 6526] ioctl(4, LOOP_SET_FD, 3 [pid 6528] <... ioctl resumed>) = 0 [pid 6526] <... ioctl resumed>) = 0 [pid 6526] close(3) = 0 [pid 6526] mkdir("./file0", 0777) = 0 [pid 6526] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6520] <... sendfile resumed>) = 1048576 [pid 6520] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6528] close(3) = 0 [pid 6528] mkdir("./file0", 0777 [pid 6520] <... open resumed>) = -1 EFAULT (Bad address) [pid 6520] exit_group(0) = ? [pid 6520] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6520, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5065] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6528] <... mkdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6528] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 312.150461][ T6526] loop0: detected capacity change from 0 to 4096 [ 312.157330][ T6528] loop4: detected capacity change from 0 to 4096 [ 312.189621][ T6526] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./118/binderfs") = 0 [ 312.231890][ T6528] NILFS (loop4): invalid segment: Checksum error in segment payload [ 312.249497][ T6526] NILFS (loop0): trying rollback from an earlier position [pid 5065] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6518] <... sendfile resumed>) = 1048576 [pid 6518] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6518] exit_group(0) = ? [pid 6518] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6518, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5067] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./120/binderfs") = 0 [ 312.266454][ T6528] NILFS (loop4): trying rollback from an earlier position [pid 5067] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6526] <... mount resumed>) = 0 [pid 6526] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6526] chdir("./file0") = 0 [pid 6526] ioctl(4, LOOP_CLR_FD) = 0 [pid 6526] close(4) = 0 [pid 6526] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6526] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6526] ftruncate(5, 33587195) = 0 [ 312.335210][ T6526] NILFS (loop0): recovery complete [ 312.345594][ T6528] NILFS (loop4): recovery complete [ 312.363512][ T6529] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6526] sendfile(4, 5, NULL, 281474978811909 [pid 6528] <... mount resumed>) = 0 [pid 6528] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6528] chdir("./file0") = 0 [pid 6528] ioctl(4, LOOP_CLR_FD) = 0 [pid 6528] close(4) = 0 [pid 6528] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6528] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6528] ftruncate(5, 33587195) = 0 [ 312.438457][ T6530] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6528] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6521] <... sendfile resumed>) = 1048576 [pid 5067] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(4 [pid 6521] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... close resumed>) = 0 [pid 6521] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] lstat("./120/file0", [pid 5065] rmdir("./118/file0") = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6521] exit_group(0 [pid 5067] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(3, [pid 6521] <... exit_group resumed>) = ? [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6521] +++ exited with 0 +++ [pid 5067] <... openat resumed>) = 4 [pid 5065] close(3 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6521, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... close resumed>) = 0 [pid 5067] getdents64(4, [pid 5065] rmdir("./118") = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, [pid 5066] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] mkdir("./119", 0777 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] close(4 [pid 5066] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5067] rmdir("./120/file0" [pid 5066] fstat(3, [pid 5067] <... rmdir resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5067] getdents64(3, [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... openat resumed>) = 3 [pid 5067] close(3 [pid 5066] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] <... close resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] rmdir("./120" [pid 5065] close(3 [pid 5066] lstat("./118/binderfs", [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] mkdir("./121", 0777 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... mkdir resumed>) = 0 [pid 5066] unlink("./118/binderfs" [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6531 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... unlink resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5066] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6532 attached [pid 6532] chdir("./121" [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6532 [pid 6532] <... chdir resumed>) = 0 [pid 6532] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6532] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 6531 attached [pid 6532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6531] chdir("./119" [pid 6532] write(3, "1000", 4) = 4 [pid 6531] <... chdir resumed>) = 0 [pid 6532] close(3) = 0 [pid 6532] symlink("/dev/binderfs", "./binderfs" [pid 6531] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6532] <... symlink resumed>) = 0 [pid 6531] <... prctl resumed>) = 0 [pid 6532] memfd_create("syzkaller", 0 [pid 6531] setpgid(0, 0 [pid 6532] <... memfd_create resumed>) = 3 [pid 6531] <... setpgid resumed>) = 0 [pid 6532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6531] write(3, "1000", 4) = 4 [pid 6531] close(3) = 0 [pid 6531] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6531] memfd_create("syzkaller", 0) = 3 [pid 6531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6531] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6532] <... write resumed>) = 2097152 [pid 6531] <... write resumed>) = 2097152 [pid 5066] fstat(4, [pid 6532] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6532] <... munmap resumed>) = 0 [pid 5066] getdents64(4, [pid 6532] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6532] <... openat resumed>) = 4 [pid 5066] getdents64(4, [pid 6532] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6532] <... ioctl resumed>) = 0 [pid 5066] close(4) = 0 [pid 6531] munmap(0x7fc0314e0000, 2097152 [pid 5066] rmdir("./118/file0" [pid 6531] <... munmap resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6531] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] getdents64(3, [pid 6531] <... openat resumed>) = 4 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6531] ioctl(4, LOOP_SET_FD, 3 [pid 5066] close(3 [pid 6532] close(3 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./118") = 0 [pid 6532] <... close resumed>) = 0 [pid 6531] <... ioctl resumed>) = 0 [pid 5066] mkdir("./119", 0777 [pid 6532] mkdir("./file0", 0777 [pid 6531] close(3 [pid 5066] <... mkdir resumed>) = 0 [pid 6531] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6531] mkdir("./file0", 0777 [pid 5066] <... openat resumed>) = 3 [pid 6532] <... mkdir resumed>) = 0 [pid 6531] <... mkdir resumed>) = 0 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 6532] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6531] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 312.875623][ T6532] loop3: detected capacity change from 0 to 4096 [ 312.888117][ T6531] loop1: detected capacity change from 0 to 4096 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6533 ./strace-static-x86_64: Process 6533 attached [pid 6533] chdir("./119") = 0 [pid 6533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6533] setpgid(0, 0) = 0 [pid 6533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6533] write(3, "1000", 4) = 4 [pid 6533] close(3) = 0 [pid 6533] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6533] memfd_create("syzkaller", 0) = 3 [pid 6533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 312.931581][ T6531] NILFS (loop1): invalid segment: Checksum error in segment payload [ 312.940543][ T6532] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6524] <... sendfile resumed>) = 1048576 [pid 6533] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6524] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6524] exit_group(0) = ? [ 312.975911][ T6532] NILFS (loop3): trying rollback from an earlier position [ 313.014242][ T6532] NILFS (loop3): recovery complete [pid 6524] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6524, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 5069] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./121/binderfs") = 0 [ 313.016181][ T6531] NILFS (loop1): trying rollback from an earlier position [pid 5069] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6533] <... write resumed>) = 2097152 [pid 6532] <... mount resumed>) = 0 [pid 6533] munmap(0x7fc0314e0000, 2097152 [pid 6532] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6533] <... munmap resumed>) = 0 [pid 6533] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6532] <... openat resumed>) = 3 [pid 6533] <... openat resumed>) = 4 [pid 6532] chdir("./file0" [pid 6533] ioctl(4, LOOP_SET_FD, 3 [pid 6532] <... chdir resumed>) = 0 [ 313.057614][ T6534] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6532] ioctl(4, LOOP_CLR_FD [pid 6533] <... ioctl resumed>) = 0 [pid 6532] <... ioctl resumed>) = 0 [pid 6533] close(3 [pid 6532] close(4 [pid 6533] <... close resumed>) = 0 [pid 6532] <... close resumed>) = 0 [pid 6533] mkdir("./file0", 0777 [pid 6532] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6533] <... mkdir resumed>) = 0 [pid 6532] <... open resumed>) = 4 [pid 6533] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6532] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6532] ftruncate(5, 33587195) = 0 [ 313.098102][ T6533] loop2: detected capacity change from 0 to 4096 [ 313.118114][ T6531] NILFS (loop1): recovery complete [pid 6532] sendfile(4, 5, NULL, 281474978811909 [pid 6531] <... mount resumed>) = 0 [pid 6531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6531] chdir("./file0") = 0 [pid 6531] ioctl(4, LOOP_CLR_FD) = 0 [pid 6531] close(4) = 0 [pid 6531] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6531] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6531] ftruncate(5, 33587195) = 0 [ 313.155098][ T6535] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 313.187250][ T6533] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6531] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [ 313.224841][ T6533] NILFS (loop2): trying rollback from an earlier position [pid 5069] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./121/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./121") = 0 [pid 5069] mkdir("./122", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 313.308480][ T6533] NILFS (loop2): recovery complete [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6537 attached [pid 6533] <... mount resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6537 [pid 6533] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6533] chdir("./file0") = 0 [pid 6533] ioctl(4, LOOP_CLR_FD) = 0 [pid 6533] close(4) = 0 [pid 6533] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6533] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6537] chdir("./122" [pid 6533] <... open resumed>) = 5 [pid 6533] ftruncate(5, 33587195 [pid 6537] <... chdir resumed>) = 0 [pid 6533] <... ftruncate resumed>) = 0 [pid 6537] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6533] sendfile(4, 5, NULL, 281474978811909 [pid 6537] <... prctl resumed>) = 0 [pid 6537] setpgid(0, 0) = 0 [pid 6537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6537] write(3, "1000", 4) = 4 [ 313.387633][ T6536] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6537] close(3) = 0 [pid 6537] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6537] memfd_create("syzkaller", 0) = 3 [pid 6528] <... sendfile resumed>) = 1048576 [pid 6528] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6528] exit_group(0) = ? [pid 6537] <... mmap resumed>) = 0x7fc0314e0000 [pid 6528] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6528, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5068] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./120/binderfs") = 0 [pid 5068] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6537] <... write resumed>) = 2097152 [pid 6526] <... sendfile resumed>) = 1048576 [pid 6526] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6526] exit_group(0) = ? [pid 6526] +++ exited with 0 +++ [pid 6537] munmap(0x7fc0314e0000, 2097152 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6526, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6537] <... munmap resumed>) = 0 [pid 5064] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6537] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] <... openat resumed>) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6537] <... openat resumed>) = 4 [pid 5064] getdents64(3, [pid 6537] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./119/binderfs") = 0 [pid 5064] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6537] <... ioctl resumed>) = 0 [pid 6537] close(3) = 0 [pid 6537] mkdir("./file0", 0777) = 0 [ 313.610987][ T6537] loop5: detected capacity change from 0 to 4096 [pid 6537] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./120/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [ 313.714773][ T6537] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5068] rmdir("./120") = 0 [pid 5068] mkdir("./121", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6538 ./strace-static-x86_64: Process 6538 attached [pid 6538] chdir("./121") = 0 [ 313.770043][ T6537] NILFS (loop5): trying rollback from an earlier position [pid 6538] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6538] setpgid(0, 0) = 0 [pid 6538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] <... umount2 resumed>) = 0 [pid 6538] write(3, "1000", 4) = 4 [pid 5064] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6538] close(3) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6538] symlink("/dev/binderfs", "./binderfs" [pid 5064] lstat("./119/file0", [pid 6538] <... symlink resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6538] memfd_create("syzkaller", 0 [pid 5064] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6538] <... memfd_create resumed>) = 3 [pid 5064] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... openat resumed>) = 4 [pid 6538] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./119/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [ 313.859733][ T6537] NILFS (loop5): recovery complete [pid 5064] rmdir("./119") = 0 [pid 5064] mkdir("./120", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 6538] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6537] <... mount resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6538] <... write resumed>) = 2097152 [pid 6537] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6538] munmap(0x7fc0314e0000, 2097152 [pid 6537] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6540 attached [pid 6538] <... munmap resumed>) = 0 [pid 6537] chdir("./file0" [pid 6540] chdir("./120" [ 313.909773][ T6539] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6538] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6540 [pid 6537] <... chdir resumed>) = 0 [pid 6540] <... chdir resumed>) = 0 [pid 6538] <... openat resumed>) = 4 [pid 6537] ioctl(4, LOOP_CLR_FD [pid 6540] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6538] ioctl(4, LOOP_SET_FD, 3 [pid 6537] <... ioctl resumed>) = 0 [pid 6540] <... prctl resumed>) = 0 [pid 6540] setpgid(0, 0) = 0 [pid 6540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6540] write(3, "1000", 4) = 4 [pid 6540] close(3) = 0 [pid 6540] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6540] memfd_create("syzkaller", 0 [pid 6538] <... ioctl resumed>) = 0 [pid 6537] close(4 [pid 6540] <... memfd_create resumed>) = 3 [pid 6537] <... close resumed>) = 0 [pid 6540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6537] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6540] <... mmap resumed>) = 0x7fc0314e0000 [pid 6538] close(3 [pid 6537] <... open resumed>) = 4 [pid 6537] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6538] <... close resumed>) = 0 [pid 6538] mkdir("./file0", 0777 [pid 6537] <... open resumed>) = 5 [pid 6538] <... mkdir resumed>) = 0 [pid 6537] ftruncate(5, 33587195 [pid 6538] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6537] <... ftruncate resumed>) = 0 [pid 6537] sendfile(4, 5, NULL, 281474978811909 [ 313.987869][ T6538] loop4: detected capacity change from 0 to 4096 [pid 6540] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [ 314.058607][ T6538] NILFS (loop4): invalid segment: Checksum error in segment payload [ 314.093879][ T6538] NILFS (loop4): trying rollback from an earlier position [pid 6540] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6540] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 314.167222][ T6538] NILFS (loop4): recovery complete [pid 6540] ioctl(4, LOOP_SET_FD, 3 [pid 6538] <... mount resumed>) = 0 [pid 6538] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6538] chdir("./file0") = 0 [pid 6538] ioctl(4, LOOP_CLR_FD) = 0 [pid 6540] <... ioctl resumed>) = 0 [pid 6540] close(3) = 0 [pid 6540] mkdir("./file0", 0777 [pid 6538] close(4 [pid 6531] <... sendfile resumed>) = 1048576 [pid 6538] <... close resumed>) = 0 [pid 6531] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6540] <... mkdir resumed>) = 0 [pid 6531] <... open resumed>) = -1 EFAULT (Bad address) [pid 6531] exit_group(0 [pid 6540] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6531] <... exit_group resumed>) = ? [pid 6538] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6531] +++ exited with 0 +++ [pid 6538] <... open resumed>) = 4 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6531, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 6538] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 6538] <... open resumed>) = 5 [pid 5065] <... restart_syscall resumed>) = 0 [pid 6538] ftruncate(5, 33587195) = 0 [pid 6538] sendfile(4, 5, NULL, 281474978811909 [pid 5065] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 314.189797][ T6540] loop0: detected capacity change from 0 to 4096 [ 314.215294][ T6541] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./119/binderfs") = 0 [pid 5065] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6532] <... sendfile resumed>) = 1048576 [pid 6532] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 314.277607][ T6540] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6532] exit_group(0) = ? [pid 6532] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6532, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5067] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./121/binderfs") = 0 [ 314.341510][ T6540] NILFS (loop0): trying rollback from an earlier position [ 314.417067][ T6540] NILFS (loop0): recovery complete [pid 5067] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6540] <... mount resumed>) = 0 [pid 6540] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6540] chdir("./file0" [pid 5065] lstat("./119/file0", [pid 6540] <... chdir resumed>) = 0 [pid 6540] ioctl(4, LOOP_CLR_FD [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6540] <... ioctl resumed>) = 0 [pid 6540] close(4 [pid 5065] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6540] <... close resumed>) = 0 [pid 6540] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6540] <... open resumed>) = 4 [pid 5065] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6540] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5065] <... openat resumed>) = 4 [pid 6540] ftruncate(5, 33587195) = 0 [pid 5065] fstat(4, [pid 6540] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6533] <... sendfile resumed>) = 1048576 [ 314.473652][ T6542] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] getdents64(4, [pid 6533] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6533] exit_group(0) = ? [pid 5065] close(4 [pid 6533] +++ exited with 0 +++ [pid 5065] <... close resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6533, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5065] rmdir("./119/file0" [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(3) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./119" [pid 5066] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... rmdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] fstat(3, [pid 5065] mkdir("./120", 0777 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5066] getdents64(3, [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... openat resumed>) = 3 [pid 5066] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] lstat("./119/binderfs", [pid 5065] close(3 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] <... close resumed>) = 0 [pid 5066] unlink("./119/binderfs" [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6543 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, ./strace-static-x86_64: Process 6543 attached 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./121/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./121") = 0 [pid 5067] mkdir("./122", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6543] chdir("./120" [pid 5067] close(3) = 0 [pid 6543] <... chdir resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6543] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6544 [pid 6543] <... prctl resumed>) = 0 [pid 6543] setpgid(0, 0) = 0 [pid 6543] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6543] write(3, "1000", 4./strace-static-x86_64: Process 6544 attached ) = 4 [pid 6544] chdir("./122" [pid 6543] close(3 [pid 6544] <... chdir resumed>) = 0 [pid 6543] <... close resumed>) = 0 [pid 6544] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6543] symlink("/dev/binderfs", "./binderfs" [pid 6544] <... prctl resumed>) = 0 [pid 6544] setpgid(0, 0) = 0 [pid 6544] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6544] write(3, "1000", 4) = 4 [pid 6543] <... symlink resumed>) = 0 [pid 6544] close(3) = 0 [pid 6543] memfd_create("syzkaller", 0) = 3 [pid 6544] symlink("/dev/binderfs", "./binderfs" [pid 6543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6544] <... symlink resumed>) = 0 [pid 6544] memfd_create("syzkaller", 0 [pid 6543] <... mmap resumed>) = 0x7fc0314e0000 [pid 6544] <... memfd_create resumed>) = 3 [pid 6544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6543] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6544] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6543] <... write resumed>) = 2097152 [pid 6543] munmap(0x7fc0314e0000, 2097152 [pid 6544] <... write resumed>) = 2097152 [pid 6543] <... munmap resumed>) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 6543] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6543] ioctl(4, LOOP_SET_FD, 3 [pid 6544] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6544] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6543] <... ioctl resumed>) = 0 [pid 6544] ioctl(4, LOOP_SET_FD, 3 [pid 6543] close(3 [pid 6544] <... ioctl resumed>) = 0 [pid 6543] <... close resumed>) = 0 [pid 5066] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, [pid 6543] mkdir("./file0", 0777 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 6543] <... mkdir resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6543] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./119/file0" [pid 6544] close(3 [pid 5066] <... rmdir resumed>) = 0 [pid 6544] <... close resumed>) = 0 [pid 5066] getdents64(3, [pid 6544] mkdir("./file0", 0777 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6544] <... mkdir resumed>) = 0 [pid 5066] close(3 [pid 6544] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./119") = 0 [pid 5066] mkdir("./120", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 314.877466][ T6543] loop1: detected capacity change from 0 to 4096 [ 314.908227][ T6544] loop3: detected capacity change from 0 to 4096 [pid 5066] close(3 [pid 6537] <... sendfile resumed>) = 1048576 [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6545 [pid 6537] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 6545 attached [pid 6545] chdir("./120") = 0 [pid 6545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6545] setpgid(0, 0) = 0 [pid 6545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6545] write(3, "1000", 4) = 4 [pid 6545] close(3 [pid 6537] exit_group(0 [pid 6545] <... close resumed>) = 0 [pid 6537] <... exit_group resumed>) = ? [pid 6545] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6537] +++ exited with 0 +++ [ 314.964708][ T6543] NILFS (loop1): invalid segment: Checksum error in segment payload [ 314.977277][ T6543] NILFS (loop1): trying rollback from an earlier position [ 314.991401][ T6544] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6545] memfd_create("syzkaller", 0) = 3 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6537, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 6545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6545] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6543] <... mount resumed>) = 0 [ 315.013580][ T6543] NILFS (loop1): recovery complete [ 315.029376][ T6544] NILFS (loop3): trying rollback from an earlier position [ 315.051056][ T6544] NILFS (loop3): recovery complete [pid 5069] fstat(3, [pid 6545] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6543] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6543] <... openat resumed>) = 3 [pid 5069] getdents64(3, [pid 6543] chdir("./file0" [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6543] <... chdir resumed>) = 0 [pid 5069] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6543] ioctl(4, LOOP_CLR_FD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6543] <... ioctl resumed>) = 0 [pid 5069] lstat("./122/binderfs", [pid 6543] close(4 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6543] <... close resumed>) = 0 [pid 5069] unlink("./122/binderfs" [pid 6543] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... unlink resumed>) = 0 [pid 6543] <... open resumed>) = 4 [pid 5069] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6544] <... mount resumed>) = 0 [pid 6543] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6544] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6543] <... open resumed>) = 5 [pid 6544] <... openat resumed>) = 3 [pid 6543] ftruncate(5, 33587195 [pid 6544] chdir("./file0" [pid 6543] <... ftruncate resumed>) = 0 [pid 6544] <... chdir resumed>) = 0 [pid 6543] sendfile(4, 5, NULL, 281474978811909 [pid 6544] ioctl(4, LOOP_CLR_FD) = 0 [pid 6544] close(4) = 0 [pid 6544] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6544] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6544] ftruncate(5, 33587195) = 0 [ 315.058780][ T6546] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 315.067969][ T6547] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6544] sendfile(4, 5, NULL, 281474978811909 [pid 6545] <... write resumed>) = 2097152 [pid 6545] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6545] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6545] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6545] close(3) = 0 [pid 5069] <... umount2 resumed>) = 0 [ 315.240128][ T6545] loop2: detected capacity change from 0 to 4096 [pid 6545] mkdir("./file0", 0777) = 0 [pid 6545] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [ 315.338774][ T6545] NILFS (loop2): invalid segment: Checksum error in segment payload [ 315.371520][ T6545] NILFS (loop2): trying rollback from an earlier position [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./122/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./122") = 0 [pid 5069] mkdir("./123", 0777) = 0 [ 315.402698][ T6545] NILFS (loop2): recovery complete [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6545] <... mount resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6545] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6545] <... openat resumed>) = 3 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6545] chdir("./file0") = 0 [pid 6545] ioctl(4, LOOP_CLR_FD) = 0 [pid 6545] close(4) = 0 [pid 6545] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6545] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6545] ftruncate(5, 33587195) = 0 [pid 6545] sendfile(4, 5, NULL, 281474978811909 [pid 6538] <... sendfile resumed>) = 1048576 [pid 5069] close(3 [pid 6538] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... close resumed>) = 0 [pid 6538] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 315.444941][ T6548] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6538] exit_group(0./strace-static-x86_64: Process 6549 attached ) = ? [pid 6549] chdir("./123" [pid 6538] +++ exited with 0 +++ [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6549 [pid 6549] <... chdir resumed>) = 0 [pid 6549] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6538, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 6549] <... prctl resumed>) = 0 [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6549] setpgid(0, 0 [pid 5068] <... restart_syscall resumed>) = 0 [pid 6549] <... setpgid resumed>) = 0 [pid 6549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6540] <... sendfile resumed>) = 1048576 [pid 6549] <... openat resumed>) = 3 [pid 6540] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6549] write(3, "1000", 4 [pid 6540] <... open resumed>) = -1 EFAULT (Bad address) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6549] <... write resumed>) = 4 [pid 6540] exit_group(0 [pid 5068] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6549] close(3 [pid 5068] <... openat resumed>) = 3 [pid 6549] <... close resumed>) = 0 [pid 5068] fstat(3, [pid 6549] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6549] <... symlink resumed>) = 0 [pid 5068] getdents64(3, [pid 6549] memfd_create("syzkaller", 0 [pid 6540] <... exit_group resumed>) = ? [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6549] <... memfd_create resumed>) = 3 [pid 5068] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6540] +++ exited with 0 +++ [pid 6549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6549] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] lstat("./121/binderfs", [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6540, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 5068] unlink("./121/binderfs" [pid 5064] <... restart_syscall resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, [pid 6549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./120/binderfs") = 0 [pid 5064] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6549] <... write resumed>) = 2097152 [pid 6549] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6549] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6549] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6549] close(3) = 0 [pid 6549] mkdir("./file0", 0777) = 0 [ 315.756216][ T6549] loop5: detected capacity change from 0 to 4096 [pid 6549] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./121/file0", [pid 5064] <... umount2 resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./121/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./121") = 0 [pid 5068] mkdir("./122", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 315.840940][ T6549] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 5064] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./120/file0", [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 5064] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6550 attached [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6550 [pid 5064] close(4 [pid 6550] chdir("./122" [pid 5064] <... close resumed>) = 0 [pid 6550] <... chdir resumed>) = 0 [pid 5064] rmdir("./120/file0" [pid 6550] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... rmdir resumed>) = 0 [pid 6550] <... prctl resumed>) = 0 [pid 5064] getdents64(3, [pid 6550] setpgid(0, 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6550] <... setpgid resumed>) = 0 [pid 5064] close(3 [pid 6550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] <... close resumed>) = 0 [pid 6550] <... openat resumed>) = 3 [pid 5064] rmdir("./120" [pid 6550] write(3, "1000", 4 [pid 5064] <... rmdir resumed>) = 0 [pid 6550] <... write resumed>) = 4 [pid 5064] mkdir("./121", 0777 [pid 6550] close(3 [pid 5064] <... mkdir resumed>) = 0 [pid 6550] <... close resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6550] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... openat resumed>) = 3 [pid 6550] <... symlink resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6550] memfd_create("syzkaller", 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6550] <... memfd_create resumed>) = 3 [pid 5064] close(3 [pid 6550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... close resumed>) = 0 [ 315.940810][ T6549] NILFS (loop5): trying rollback from an earlier position [pid 6550] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6551 ./strace-static-x86_64: Process 6551 attached [pid 6551] chdir("./121" [pid 6550] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6551] <... chdir resumed>) = 0 [pid 6551] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6551] setpgid(0, 0) = 0 [pid 6551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6551] write(3, "1000", 4) = 4 [pid 6551] close(3) = 0 [pid 6551] symlink("/dev/binderfs", "./binderfs") = 0 [ 316.034338][ T6549] NILFS (loop5): recovery complete [pid 6551] memfd_create("syzkaller", 0 [pid 6549] <... mount resumed>) = 0 [pid 6544] <... sendfile resumed>) = 1048576 [pid 6543] <... sendfile resumed>) = 1048576 [pid 6549] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6544] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6543] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6549] <... openat resumed>) = 3 [pid 6544] <... open resumed>) = -1 EFAULT (Bad address) [pid 6543] <... open resumed>) = -1 EFAULT (Bad address) [pid 6549] chdir("./file0" [pid 6544] exit_group(0 [pid 6543] exit_group(0 [pid 6549] <... chdir resumed>) = 0 [pid 6544] <... exit_group resumed>) = ? [pid 6543] <... exit_group resumed>) = ? [pid 6549] ioctl(4, LOOP_CLR_FD [pid 6544] +++ exited with 0 +++ [pid 6543] +++ exited with 0 +++ [pid 6549] <... ioctl resumed>) = 0 [pid 6549] close(4 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6543, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 6551] <... memfd_create resumed>) = 3 [pid 6549] <... close resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6544, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6549] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6551] <... mmap resumed>) = 0x7fc0314e0000 [pid 6549] <... open resumed>) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6549] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6549] <... open resumed>) = 5 [pid 5065] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6549] ftruncate(5, 33587195 [pid 5067] <... openat resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6549] <... ftruncate resumed>) = 0 [pid 5067] fstat(3, [pid 6549] sendfile(4, 5, NULL, 281474978811909 [pid 5065] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5067] getdents64(3, [pid 5065] fstat(3, [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(3, [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] lstat("./122/binderfs", [pid 5065] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./122/binderfs" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./120/binderfs") = 0 [pid 5065] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 316.073757][ T6552] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6551] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6550] <... write resumed>) = 2097152 [pid 6550] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6550] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6550] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6550] close(3) = 0 [pid 6550] mkdir("./file0", 0777) = 0 [pid 6551] <... write resumed>) = 2097152 [pid 6551] munmap(0x7fc0314e0000, 2097152 [pid 6550] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6551] <... munmap resumed>) = 0 [ 316.186304][ T6550] loop4: detected capacity change from 0 to 4096 [pid 6551] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6551] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6551] close(3) = 0 [pid 6551] mkdir("./file0", 0777) = 0 [ 316.244093][ T6550] NILFS (loop4): invalid segment: Checksum error in segment payload [ 316.255793][ T6551] loop0: detected capacity change from 0 to 4096 [pid 6551] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5067] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./120/file0", [pid 5067] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5067] fstat(4, [pid 5065] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 316.295804][ T6551] NILFS (loop0): invalid segment: Checksum error in segment payload [ 316.306977][ T6550] NILFS (loop4): trying rollback from an earlier position [ 316.313943][ T6551] NILFS (loop0): trying rollback from an earlier position [pid 5067] getdents64(4, [pid 5065] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] <... openat resumed>) = 4 [pid 5067] getdents64(4, [pid 5065] fstat(4, [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] close(4 [pid 5065] getdents64(4, [pid 5067] <... close resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] rmdir("./122/file0" [pid 5065] getdents64(4, [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] getdents64(3, [pid 5065] close(4 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] <... close resumed>) = 0 [pid 5067] close(3 [pid 5065] rmdir("./120/file0" [pid 5067] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] rmdir("./122" [pid 5065] getdents64(3, [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] mkdir("./123", 0777 [pid 5065] close(3 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] rmdir("./120" [pid 5067] <... openat resumed>) = 3 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] mkdir("./121", 0777 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... mkdir resumed>) = 0 [pid 5067] close(3 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] <... close resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [ 316.382474][ T6550] NILFS (loop4): recovery complete [pid 6545] <... sendfile resumed>) = 1048576 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6554 [pid 5065] close(3 [pid 6550] <... mount resumed>) = 0 [pid 6545] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6550] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6545] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6556 [pid 6550] <... openat resumed>) = 3 [pid 6545] exit_group(0 [pid 6551] <... mount resumed>) = 0 [pid 6550] chdir("./file0" [pid 6545] <... exit_group resumed>) = ? [pid 6550] <... chdir resumed>) = 0 [ 316.416954][ T6553] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 316.436671][ T6551] NILFS (loop0): recovery complete ./strace-static-x86_64: Process 6554 attached [pid 6551] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6550] ioctl(4, LOOP_CLR_FD [pid 6545] +++ exited with 0 +++ ./strace-static-x86_64: Process 6556 attached [pid 6554] chdir("./123" [pid 6556] chdir("./121" [pid 6554] <... chdir resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6545, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=32 /* 0.32 s */} --- [pid 6556] <... chdir resumed>) = 0 [pid 6554] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 6556] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6554] <... prctl resumed>) = 0 [pid 6550] <... ioctl resumed>) = 0 [pid 5066] <... restart_syscall resumed>) = 0 [pid 6556] <... prctl resumed>) = 0 [pid 6554] setpgid(0, 0 [pid 6551] <... openat resumed>) = 3 [pid 6550] close(4 [pid 6556] setpgid(0, 0 [pid 6554] <... setpgid resumed>) = 0 [pid 6551] chdir("./file0" [pid 6550] <... close resumed>) = 0 [pid 6556] <... setpgid resumed>) = 0 [pid 6554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6556] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6554] <... openat resumed>) = 3 [pid 6551] <... chdir resumed>) = 0 [pid 6550] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6556] <... openat resumed>) = 3 [pid 6554] write(3, "1000", 4 [pid 6551] ioctl(4, LOOP_CLR_FD [pid 5066] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6556] write(3, "1000", 4 [pid 6554] <... write resumed>) = 4 [pid 6551] <... ioctl resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 6550] <... open resumed>) = 4 [pid 6556] <... write resumed>) = 4 [pid 6554] close(3 [pid 6551] close(4 [pid 5066] fstat(3, [pid 6556] close(3 [pid 6554] <... close resumed>) = 0 [pid 6551] <... close resumed>) = 0 [pid 6550] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6556] <... close resumed>) = 0 [pid 6554] symlink("/dev/binderfs", "./binderfs" [pid 6551] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] getdents64(3, [pid 6556] symlink("/dev/binderfs", "./binderfs" [pid 6554] <... symlink resumed>) = 0 [pid 6550] <... open resumed>) = 5 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6556] <... symlink resumed>) = 0 [pid 6554] memfd_create("syzkaller", 0 [pid 6551] <... open resumed>) = 4 [pid 6550] ftruncate(5, 33587195 [pid 5066] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6556] memfd_create("syzkaller", 0 [pid 6554] <... memfd_create resumed>) = 3 [pid 6551] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6550] <... ftruncate resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6556] <... memfd_create resumed>) = 3 [pid 6554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] lstat("./120/binderfs", [pid 6556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6554] <... mmap resumed>) = 0x7fc0314e0000 [pid 6551] <... open resumed>) = 5 [pid 6550] sendfile(4, 5, NULL, 281474978811909 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6556] <... mmap resumed>) = 0x7fc0314e0000 [pid 6554] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] unlink("./120/binderfs" [ 316.461912][ T6555] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6551] ftruncate(5, 33587195 [pid 5066] <... unlink resumed>) = 0 [pid 6551] <... ftruncate resumed>) = 0 [pid 5066] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6551] sendfile(4, 5, NULL, 281474978811909 [pid 6556] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6554] <... write resumed>) = 2097152 [pid 6554] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6556] munmap(0x7fc0314e0000, 2097152 [pid 6554] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6556] <... munmap resumed>) = 0 [pid 6554] ioctl(4, LOOP_SET_FD, 3 [pid 6556] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6556] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6554] <... ioctl resumed>) = 0 [pid 6554] close(3) = 0 [pid 6556] close(3 [pid 6554] mkdir("./file0", 0777 [pid 6556] <... close resumed>) = 0 [pid 6554] <... mkdir resumed>) = 0 [pid 6556] mkdir("./file0", 0777 [pid 6554] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6556] <... mkdir resumed>) = 0 [ 316.681759][ T6554] loop3: detected capacity change from 0 to 4096 [ 316.688751][ T6556] loop1: detected capacity change from 0 to 4096 [pid 6556] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./120/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [ 316.749342][ T6556] NILFS (loop1): invalid segment: Checksum error in segment payload [ 316.761171][ T6554] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5066] rmdir("./120") = 0 [pid 5066] mkdir("./121", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6557 ./strace-static-x86_64: Process 6557 attached [pid 6557] chdir("./121") = 0 [pid 6557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6557] setpgid(0, 0) = 0 [pid 6557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6557] write(3, "1000", 4) = 4 [pid 6557] close(3) = 0 [pid 6557] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6557] memfd_create("syzkaller", 0) = 3 [pid 6557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 316.813171][ T6554] NILFS (loop3): trying rollback from an earlier position [ 316.833564][ T6556] NILFS (loop1): trying rollback from an earlier position [pid 6557] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6554] <... mount resumed>) = 0 [pid 6554] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6554] chdir("./file0") = 0 [ 316.908197][ T6554] NILFS (loop3): recovery complete [ 316.921467][ T6556] NILFS (loop1): recovery complete [ 316.946312][ T6558] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6554] ioctl(4, LOOP_CLR_FD) = 0 [pid 6556] <... mount resumed>) = 0 [pid 6554] close(4 [pid 6557] <... write resumed>) = 2097152 [pid 6556] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6554] <... close resumed>) = 0 [pid 6554] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6557] munmap(0x7fc0314e0000, 2097152 [pid 6556] <... openat resumed>) = 3 [pid 6557] <... munmap resumed>) = 0 [pid 6556] chdir("./file0" [pid 6554] <... open resumed>) = 4 [pid 6556] <... chdir resumed>) = 0 [pid 6557] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6556] ioctl(4, LOOP_CLR_FD [pid 6554] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6557] <... openat resumed>) = 4 [pid 6556] <... ioctl resumed>) = 0 [pid 6557] ioctl(4, LOOP_SET_FD, 3 [pid 6556] close(4 [pid 6554] <... open resumed>) = 5 [ 316.957698][ T6559] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6556] <... close resumed>) = 0 [pid 6554] ftruncate(5, 33587195 [pid 6556] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6554] <... ftruncate resumed>) = 0 [pid 6557] <... ioctl resumed>) = 0 [pid 6556] <... open resumed>) = 4 [pid 6554] sendfile(4, 5, NULL, 281474978811909 [pid 6557] close(3 [pid 6556] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6557] <... close resumed>) = 0 [pid 6556] <... open resumed>) = 5 [pid 6557] mkdir("./file0", 0777 [pid 6556] ftruncate(5, 33587195) = 0 [pid 6557] <... mkdir resumed>) = 0 [pid 6556] sendfile(4, 5, NULL, 281474978811909 [ 317.020614][ T6557] loop2: detected capacity change from 0 to 4096 [ 317.091793][ T6557] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6557] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6549] <... sendfile resumed>) = 1048576 [pid 6549] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6549] exit_group(0) = ? [pid 6549] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6549, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [ 317.156077][ T6557] NILFS (loop2): trying rollback from an earlier position [pid 5069] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./123/binderfs") = 0 [ 317.244689][ T6557] NILFS (loop2): recovery complete [pid 5069] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6557] <... mount resumed>) = 0 [pid 6557] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6557] chdir("./file0") = 0 [pid 6557] ioctl(4, LOOP_CLR_FD) = 0 [pid 6557] close(4) = 0 [pid 6557] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6557] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6557] ftruncate(5, 33587195) = 0 [ 317.284983][ T6560] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6557] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6550] <... sendfile resumed>) = 1048576 [pid 6550] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6550] exit_group(0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6550] <... exit_group resumed>) = ? [pid 5069] lstat("./123/file0", [pid 6550] +++ exited with 0 +++ [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6550, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5069] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] fstat(4, [pid 5068] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5069] getdents64(4, [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(4, [pid 5068] lstat("./122/binderfs", [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] close(4 [pid 5068] unlink("./122/binderfs" [pid 5069] <... close resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5069] rmdir("./123/file0" [pid 5068] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./123") = 0 [pid 5069] mkdir("./124", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 6551] <... sendfile resumed>) = 1048576 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6551] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6561 [pid 6551] exit_group(0) = ? [pid 6551] +++ exited with 0 +++ ./strace-static-x86_64: Process 6561 attached [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6551, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6561] chdir("./124") = 0 [pid 6561] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6561] setpgid(0, 0 [pid 5064] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6561] <... setpgid resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6561] <... openat resumed>) = 3 [pid 6561] write(3, "1000", 4 [pid 5064] <... openat resumed>) = 3 [pid 6561] <... write resumed>) = 4 [pid 5064] fstat(3, [pid 6561] close(3) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6561] symlink("/dev/binderfs", "./binderfs" [pid 5064] getdents64(3, [pid 6561] <... symlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6561] memfd_create("syzkaller", 0 [pid 5064] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6561] <... memfd_create resumed>) = 3 [pid 5068] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6561] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] lstat("./122/file0", [pid 5064] lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] unlink("./121/binderfs" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... unlink resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5064] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6561] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./122/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./122") = 0 [pid 5068] mkdir("./123", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 6561] <... write resumed>) = 2097152 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6562 ./strace-static-x86_64: Process 6562 attached [pid 6562] chdir("./123") = 0 [pid 6562] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6562] setpgid(0, 0) = 0 [pid 6562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6562] write(3, "1000", 4) = 4 [pid 6562] close(3) = 0 [pid 6562] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6562] memfd_create("syzkaller", 0) = 3 [pid 6562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6561] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6561] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6561] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6562] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6561] close(3) = 0 [pid 6561] mkdir("./file0", 0777) = 0 [ 317.873645][ T6561] loop5: detected capacity change from 0 to 4096 [pid 6561] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = 0 [pid 6562] <... write resumed>) = 2097152 [pid 5064] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6562] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6562] <... munmap resumed>) = 0 [pid 6562] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6562] ioctl(4, LOOP_SET_FD, 3 [pid 5064] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, [pid 6562] <... ioctl resumed>) = 0 [pid 6562] close(3) = 0 [pid 6562] mkdir("./file0", 0777 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 6562] <... mkdir resumed>) = 0 [pid 5064] rmdir("./121/file0") = 0 [pid 6562] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./121") = 0 [pid 5064] mkdir("./122", 0777) = 0 [ 317.968329][ T6561] NILFS (loop5): invalid segment: Checksum error in segment payload [ 317.990845][ T6562] loop4: detected capacity change from 0 to 4096 [ 318.000096][ T6561] NILFS (loop5): trying rollback from an earlier position [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6563 ./strace-static-x86_64: Process 6563 attached [pid 6563] chdir("./122") = 0 [pid 6563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6563] setpgid(0, 0) = 0 [pid 6563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 318.054669][ T6562] NILFS (loop4): invalid segment: Checksum error in segment payload [ 318.063924][ T6562] NILFS (loop4): trying rollback from an earlier position [ 318.078645][ T6561] NILFS (loop5): recovery complete [pid 6563] write(3, "1000", 4) = 4 [pid 6563] close(3 [pid 6561] <... mount resumed>) = 0 [pid 6561] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6563] <... close resumed>) = 0 [pid 6561] <... openat resumed>) = 3 [pid 6561] chdir("./file0" [pid 6563] symlink("/dev/binderfs", "./binderfs" [pid 6561] <... chdir resumed>) = 0 [pid 6554] <... sendfile resumed>) = 1048576 [pid 6561] ioctl(4, LOOP_CLR_FD [pid 6563] <... symlink resumed>) = 0 [pid 6561] <... ioctl resumed>) = 0 [pid 6554] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6563] memfd_create("syzkaller", 0 [pid 6561] close(4 [pid 6554] <... open resumed>) = -1 EFAULT (Bad address) [pid 6563] <... memfd_create resumed>) = 3 [pid 6561] <... close resumed>) = 0 [pid 6561] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6554] exit_group(0 [pid 6563] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6561] <... open resumed>) = 4 [pid 6554] <... exit_group resumed>) = ? [pid 6563] <... mmap resumed>) = 0x7fc0314e0000 [pid 6561] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6554] +++ exited with 0 +++ [pid 6561] <... open resumed>) = 5 [pid 6561] ftruncate(5, 33587195) = 0 [pid 6561] sendfile(4, 5, NULL, 281474978811909 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6554, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 318.111906][ T6564] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./123/binderfs") = 0 [pid 5067] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6556] <... sendfile resumed>) = 1048576 [pid 6556] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6556] exit_group(0) = ? [pid 6556] +++ exited with 0 +++ [ 318.166274][ T6562] NILFS (loop4): recovery complete [pid 6563] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6556, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5065] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6562] <... mount resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6562] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] lstat("./121/binderfs", [pid 6562] <... openat resumed>) = 3 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6562] chdir("./file0" [pid 5065] unlink("./121/binderfs" [pid 6562] <... chdir resumed>) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 6562] ioctl(4, LOOP_CLR_FD [pid 5065] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6562] <... ioctl resumed>) = 0 [pid 6562] close(4) = 0 [pid 6562] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6562] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6562] ftruncate(5, 33587195) = 0 [ 318.203650][ T6565] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6562] sendfile(4, 5, NULL, 281474978811909 [pid 6563] <... write resumed>) = 2097152 [pid 6563] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6563] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6563] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6563] close(3) = 0 [pid 6563] mkdir("./file0", 0777) = 0 [ 318.349752][ T6563] loop0: detected capacity change from 0 to 4096 [pid 6563] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6557] <... sendfile resumed>) = 1048576 [pid 5067] <... umount2 resumed>) = 0 [pid 6557] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5067] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6557] exit_group(0) = ? [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6557] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6557, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5067] lstat("./123/file0", [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5065] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... restart_syscall resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 4 [pid 5066] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 318.463555][ T6563] NILFS (loop0): invalid segment: Checksum error in segment payload [ 318.488041][ T6563] NILFS (loop0): trying rollback from an earlier position [pid 5065] fstat(4, [pid 5067] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./121/binderfs", [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./121/binderfs" [pid 5065] getdents64(4, [pid 5067] fstat(4, [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, [pid 5067] getdents64(4, [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [ 318.527600][ T6563] NILFS (loop0): recovery complete [pid 6563] <... mount resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] close(4 [pid 5067] getdents64(4, [pid 5065] <... close resumed>) = 0 [pid 6563] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5065] rmdir("./121/file0" [pid 6563] <... openat resumed>) = 3 [pid 5067] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] rmdir("./123/file0" [pid 6563] chdir("./file0" [pid 5065] getdents64(3, [pid 5067] <... rmdir resumed>) = 0 [pid 6563] <... chdir resumed>) = 0 [pid 5067] getdents64(3, [pid 6563] ioctl(4, LOOP_CLR_FD [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6563] <... ioctl resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 5067] close(3 [pid 6563] close(4 [pid 5065] <... close resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 6563] <... close resumed>) = 0 [pid 6563] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] rmdir("./123" [pid 5065] rmdir("./121" [pid 6563] <... open resumed>) = 4 [pid 5065] <... rmdir resumed>) = 0 [pid 6563] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] mkdir("./122", 0777 [pid 6563] <... open resumed>) = 5 [pid 5067] mkdir("./124", 0777 [pid 6563] ftruncate(5, 33587195) = 0 [pid 6563] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... mkdir resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... openat resumed>) = 3 [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 5065] close(3) = 0 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 318.558613][ T6566] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6567 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6568 ./strace-static-x86_64: Process 6568 attached ./strace-static-x86_64: Process 6567 attached [pid 6568] chdir("./122" [pid 6567] chdir("./124" [pid 6568] <... chdir resumed>) = 0 [pid 6567] <... chdir resumed>) = 0 [pid 6568] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6567] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6568] <... prctl resumed>) = 0 [pid 6567] <... prctl resumed>) = 0 [pid 6568] setpgid(0, 0 [pid 6567] setpgid(0, 0 [pid 6568] <... setpgid resumed>) = 0 [pid 6567] <... setpgid resumed>) = 0 [pid 6568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6568] <... openat resumed>) = 3 [pid 6567] <... openat resumed>) = 3 [pid 6568] write(3, "1000", 4 [pid 6567] write(3, "1000", 4 [pid 6568] <... write resumed>) = 4 [pid 6567] <... write resumed>) = 4 [pid 6568] close(3 [pid 6567] close(3 [pid 6568] <... close resumed>) = 0 [pid 6567] <... close resumed>) = 0 [pid 6568] symlink("/dev/binderfs", "./binderfs" [pid 6567] symlink("/dev/binderfs", "./binderfs" [pid 6568] <... symlink resumed>) = 0 [pid 6567] <... symlink resumed>) = 0 [pid 6568] memfd_create("syzkaller", 0 [pid 6567] memfd_create("syzkaller", 0 [pid 6568] <... memfd_create resumed>) = 3 [pid 6567] <... memfd_create resumed>) = 3 [pid 6568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6568] <... mmap resumed>) = 0x7fc0314e0000 [pid 6567] <... mmap resumed>) = 0x7fc0314e0000 [pid 6568] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6567] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6567] <... write resumed>) = 2097152 [pid 5066] lstat("./121/file0", [pid 6568] <... write resumed>) = 2097152 [pid 6567] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6568] munmap(0x7fc0314e0000, 2097152 [pid 6567] <... munmap resumed>) = 0 [pid 5066] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6568] <... munmap resumed>) = 0 [pid 6567] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6568] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6567] <... openat resumed>) = 4 [pid 5066] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6568] <... openat resumed>) = 4 [pid 6567] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... openat resumed>) = 4 [pid 6568] ioctl(4, LOOP_SET_FD, 3 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./121/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 6568] <... ioctl resumed>) = 0 [pid 6567] <... ioctl resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./121") = 0 [pid 5066] mkdir("./122", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 6568] close(3 [pid 6567] close(3 [pid 5066] <... close resumed>) = 0 [pid 6568] <... close resumed>) = 0 [pid 6567] <... close resumed>) = 0 [pid 6568] mkdir("./file0", 0777) = 0 [pid 6567] mkdir("./file0", 0777 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6568] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6567] <... mkdir resumed>) = 0 [ 318.812085][ T6567] loop3: detected capacity change from 0 to 4096 [ 318.819154][ T6568] loop1: detected capacity change from 0 to 4096 [pid 6567] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6569 ./strace-static-x86_64: Process 6569 attached [pid 6569] chdir("./122") = 0 [pid 6569] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6569] setpgid(0, 0) = 0 [pid 6569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6569] write(3, "1000", 4) = 4 [pid 6569] close(3) = 0 [pid 6569] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6569] memfd_create("syzkaller", 0) = 3 [pid 6569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 318.903248][ T6567] NILFS (loop3): invalid segment: Checksum error in segment payload [ 318.926345][ T6568] NILFS (loop1): invalid segment: Checksum error in segment payload [ 318.934531][ T6568] NILFS (loop1): trying rollback from an earlier position [ 318.942428][ T6567] NILFS (loop3): trying rollback from an earlier position [ 319.026418][ T6567] NILFS (loop3): recovery complete [pid 6569] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6567] <... mount resumed>) = 0 [pid 6569] <... write resumed>) = 2097152 [pid 6567] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6567] chdir("./file0" [pid 6569] munmap(0x7fc0314e0000, 2097152 [pid 6567] <... chdir resumed>) = 0 [pid 6567] ioctl(4, LOOP_CLR_FD) = 0 [pid 6568] <... mount resumed>) = 0 [pid 6569] <... munmap resumed>) = 0 [pid 6567] close(4 [pid 6569] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6568] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6567] <... close resumed>) = 0 [pid 6569] <... openat resumed>) = 4 [pid 6567] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6569] ioctl(4, LOOP_SET_FD, 3 [pid 6567] <... open resumed>) = 4 [pid 6568] <... openat resumed>) = 3 [ 319.053202][ T6568] NILFS (loop1): recovery complete [ 319.068799][ T6570] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 319.084473][ T6571] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6567] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6568] chdir("./file0" [pid 6567] <... open resumed>) = 5 [pid 6568] <... chdir resumed>) = 0 [pid 6567] ftruncate(5, 33587195 [pid 6568] ioctl(4, LOOP_CLR_FD [pid 6567] <... ftruncate resumed>) = 0 [pid 6568] <... ioctl resumed>) = 0 [pid 6567] sendfile(4, 5, NULL, 281474978811909 [pid 6568] close(4) = 0 [pid 6569] <... ioctl resumed>) = 0 [pid 6569] close(3) = 0 [pid 6569] mkdir("./file0", 0777) = 0 [pid 6569] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6568] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6568] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 319.113187][ T6569] loop2: detected capacity change from 0 to 4096 [pid 6568] ftruncate(5, 33587195) = 0 [pid 6568] sendfile(4, 5, NULL, 281474978811909 [pid 6561] <... sendfile resumed>) = 1048576 [pid 6561] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6561] exit_group(0) = ? [pid 6561] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6561, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./124/binderfs") = 0 [ 319.233902][ T6569] NILFS (loop2): invalid segment: Checksum error in segment payload [ 319.260243][ T6569] NILFS (loop2): trying rollback from an earlier position [pid 5069] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6562] <... sendfile resumed>) = 1048576 [pid 6562] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6562] exit_group(0) = ? [pid 6562] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6562, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5068] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./123/binderfs") = 0 [ 319.369964][ T6569] NILFS (loop2): recovery complete [pid 5068] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6569] <... mount resumed>) = 0 [pid 6569] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6569] chdir("./file0") = 0 [pid 6569] ioctl(4, LOOP_CLR_FD) = 0 [pid 6569] close(4) = 0 [pid 6569] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6569] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6569] ftruncate(5, 33587195) = 0 [ 319.420376][ T6572] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6569] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./124/file0") = 0 [pid 5069] getdents64(3, [pid 6563] <... sendfile resumed>) = 1048576 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6563] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] close(3) = 0 [pid 5069] rmdir("./124") = 0 [pid 5069] mkdir("./125", 0777) = 0 [pid 6563] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6563] exit_group(0 [pid 5069] <... openat resumed>) = 3 [pid 6563] <... exit_group resumed>) = ? [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6563] +++ exited with 0 +++ [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6563, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 5069] <... close resumed>) = 0 [pid 5064] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... umount2 resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6573 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./122/binderfs") = 0 ./strace-static-x86_64: Process 6573 attached [pid 5064] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6573] chdir("./125" [pid 5068] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6573] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6573] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] lstat("./123/file0", [pid 6573] <... prctl resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6573] setpgid(0, 0 [pid 5068] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6573] <... setpgid resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6573] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 4 [pid 6573] write(3, "1000", 4 [pid 5068] fstat(4, [pid 6573] <... write resumed>) = 4 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6573] close(3 [pid 5068] getdents64(4, [pid 6573] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6573] symlink("/dev/binderfs", "./binderfs" [pid 5068] getdents64(4, [pid 6573] <... symlink resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6573] memfd_create("syzkaller", 0 [pid 5068] close(4 [pid 6573] <... memfd_create resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 6573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] rmdir("./123/file0" [pid 6573] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... rmdir resumed>) = 0 [pid 6573] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./123") = 0 [pid 5068] mkdir("./124", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6574 ./strace-static-x86_64: Process 6574 attached [pid 5064] <... umount2 resumed>) = 0 [pid 6574] chdir("./124") = 0 [pid 5064] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6574] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./122/file0", [pid 6574] <... prctl resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6574] setpgid(0, 0 [pid 5064] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6574] <... setpgid resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6574] <... openat resumed>) = 3 [pid 6574] write(3, "1000", 4 [pid 5064] <... openat resumed>) = 4 [pid 6574] <... write resumed>) = 4 [pid 6573] <... write resumed>) = 2097152 [pid 5064] fstat(4, [pid 6574] close(3 [pid 6573] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6574] <... close resumed>) = 0 [pid 6573] <... munmap resumed>) = 0 [pid 5064] getdents64(4, [pid 6574] symlink("/dev/binderfs", "./binderfs" [pid 6573] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6574] <... symlink resumed>) = 0 [pid 6573] <... openat resumed>) = 4 [pid 5064] getdents64(4, [pid 6574] memfd_create("syzkaller", 0 [pid 6573] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6574] <... memfd_create resumed>) = 3 [pid 6573] <... ioctl resumed>) = 0 [pid 5064] close(4 [pid 6574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... close resumed>) = 0 [pid 6574] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] rmdir("./122/file0" [pid 6574] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./122") = 0 [pid 5064] mkdir("./123", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6575 [pid 6573] close(3) = 0 [pid 6573] mkdir("./file0", 0777) = 0 [ 319.835588][ T6573] loop5: detected capacity change from 0 to 4096 [pid 6573] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6575 attached [pid 6575] chdir("./123") = 0 [pid 6575] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6575] setpgid(0, 0) = 0 [pid 6575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6575] write(3, "1000", 4) = 4 [pid 6575] close(3) = 0 [pid 6575] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6575] memfd_create("syzkaller", 0) = 3 [pid 6575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 319.950608][ T6573] NILFS (loop5): invalid segment: Checksum error in segment payload [ 319.982948][ T6573] NILFS (loop5): trying rollback from an earlier position [pid 6575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6574] <... write resumed>) = 2097152 [pid 6574] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6574] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 320.035552][ T6573] NILFS (loop5): recovery complete [pid 6574] ioctl(4, LOOP_SET_FD, 3 [pid 6573] <... mount resumed>) = 0 [pid 6573] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6575] <... write resumed>) = 2097152 [pid 6573] <... openat resumed>) = 3 [pid 6573] chdir("./file0" [pid 6568] <... sendfile resumed>) = 1048576 [pid 6573] <... chdir resumed>) = 0 [pid 6568] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6573] ioctl(4, LOOP_CLR_FD [pid 6568] <... open resumed>) = -1 EFAULT (Bad address) [pid 6568] exit_group(0 [pid 6574] <... ioctl resumed>) = 0 [pid 6573] <... ioctl resumed>) = 0 [pid 6568] <... exit_group resumed>) = ? [pid 6574] close(3 [pid 6573] close(4 [pid 6568] +++ exited with 0 +++ [pid 6574] <... close resumed>) = 0 [pid 6573] <... close resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6568, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 6574] mkdir("./file0", 0777 [pid 6573] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6574] <... mkdir resumed>) = 0 [pid 6574] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6573] <... open resumed>) = 4 [ 320.060711][ T6574] loop4: detected capacity change from 0 to 4096 [ 320.072986][ T6576] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6573] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6573] ftruncate(5, 33587195) = 0 [pid 5065] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6575] munmap(0x7fc0314e0000, 2097152 [pid 6573] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6575] <... munmap resumed>) = 0 [pid 6575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6575] ioctl(4, LOOP_SET_FD, 3 [pid 5065] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6575] <... ioctl resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./122/binderfs") = 0 [pid 5065] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6575] close(3) = 0 [pid 6575] mkdir("./file0", 0777) = 0 [ 320.145514][ T6575] loop0: detected capacity change from 0 to 4096 [ 320.154740][ T6574] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6575] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6567] <... sendfile resumed>) = 1048576 [pid 6567] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6567] exit_group(0) = ? [pid 6567] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6567, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5067] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./124/binderfs") = 0 [ 320.199009][ T6574] NILFS (loop4): trying rollback from an earlier position [ 320.239070][ T6575] NILFS (loop0): invalid segment: Checksum error in segment payload [ 320.286762][ T6575] NILFS (loop0): trying rollback from an earlier position [ 320.299180][ T6574] NILFS (loop4): recovery complete [pid 5067] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6574] <... mount resumed>) = 0 [pid 6574] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6574] chdir("./file0") = 0 [pid 6574] ioctl(4, LOOP_CLR_FD) = 0 [pid 6574] close(4) = 0 [pid 6574] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6574] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6574] ftruncate(5, 33587195 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6574] <... ftruncate resumed>) = 0 [pid 5065] lstat("./122/file0", [pid 6574] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 320.329557][ T6577] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5065] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./122/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [ 320.379109][ T6575] NILFS (loop0): recovery complete [pid 5065] close(3) = 0 [pid 6575] <... mount resumed>) = 0 [pid 5065] rmdir("./122" [pid 6575] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] <... rmdir resumed>) = 0 [pid 6575] chdir("./file0" [pid 5065] mkdir("./123", 0777 [pid 6575] <... chdir resumed>) = 0 [pid 6575] ioctl(4, LOOP_CLR_FD [pid 5065] <... mkdir resumed>) = 0 [pid 6575] <... ioctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6575] close(4) = 0 [pid 5065] <... openat resumed>) = 3 [pid 6575] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6575] <... open resumed>) = 4 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6575] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] close(3 [pid 6575] <... open resumed>) = 5 [pid 5065] <... close resumed>) = 0 [pid 6575] ftruncate(5, 33587195 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6575] <... ftruncate resumed>) = 0 [pid 6575] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6579 [ 320.425375][ T6578] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds ./strace-static-x86_64: Process 6579 attached [pid 6579] chdir("./123") = 0 [pid 6579] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6579] setpgid(0, 0) = 0 [pid 6579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6569] <... sendfile resumed>) = 1048576 [pid 6579] write(3, "1000", 4) = 4 [pid 6569] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6579] close(3 [pid 6569] <... open resumed>) = -1 EFAULT (Bad address) [pid 6579] <... close resumed>) = 0 [pid 6569] exit_group(0 [pid 6579] symlink("/dev/binderfs", "./binderfs" [pid 6569] <... exit_group resumed>) = ? [pid 6579] <... symlink resumed>) = 0 [pid 6569] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6569, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 6579] memfd_create("syzkaller", 0 [pid 5066] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6579] <... memfd_create resumed>) = 3 [pid 6579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6579] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] fstat(3, [pid 5067] lstat("./124/file0", [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(3, [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... openat resumed>) = 4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] fstat(4, [pid 5066] lstat("./122/binderfs", [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6579] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] unlink("./122/binderfs" [pid 5067] getdents64(4, [pid 5066] <... unlink resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] close(4) = 0 [pid 5067] rmdir("./124/file0" [pid 6579] <... write resumed>) = 2097152 [pid 5067] <... rmdir resumed>) = 0 [pid 6579] munmap(0x7fc0314e0000, 2097152 [pid 5067] getdents64(3, [pid 6579] <... munmap resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6579] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] close(3 [pid 6579] <... openat resumed>) = 4 [pid 5067] <... close resumed>) = 0 [pid 6579] ioctl(4, LOOP_SET_FD, 3 [pid 5067] rmdir("./124") = 0 [pid 5067] mkdir("./125", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6580 ./strace-static-x86_64: Process 6580 attached [pid 6580] chdir("./125" [pid 6579] <... ioctl resumed>) = 0 [pid 6579] close(3) = 0 [pid 6579] mkdir("./file0", 0777) = 0 [pid 6579] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6580] <... chdir resumed>) = 0 [pid 6580] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6580] setpgid(0, 0) = 0 [pid 6580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6580] write(3, "1000", 4) = 4 [ 320.675345][ T6579] loop1: detected capacity change from 0 to 4096 [pid 6580] close(3) = 0 [pid 6580] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6580] memfd_create("syzkaller", 0) = 3 [pid 6580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 320.763274][ T6579] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 6580] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 320.818770][ T6579] NILFS (loop1): trying rollback from an earlier position [pid 5066] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 6580] <... write resumed>) = 2097152 [pid 6580] munmap(0x7fc0314e0000, 2097152 [pid 5066] rmdir("./122/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./122" [pid 6580] <... munmap resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [ 320.904125][ T6579] NILFS (loop1): recovery complete [pid 5066] mkdir("./123", 0777 [pid 6580] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... mkdir resumed>) = 0 [pid 6580] <... openat resumed>) = 4 [pid 6580] ioctl(4, LOOP_SET_FD, 3 [pid 6579] <... mount resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6579] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6579] chdir("./file0") = 0 [pid 6579] ioctl(4, LOOP_CLR_FD) = 0 [pid 6579] close(4) = 0 [pid 5066] <... openat resumed>) = 3 [pid 6579] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6579] <... open resumed>) = 4 [pid 5066] close(3 [pid 6579] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5066] <... close resumed>) = 0 [pid 6579] ftruncate(5, 33587195) = 0 [pid 6579] sendfile(4, 5, NULL, 281474978811909 [ 320.951034][ T6581] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 320.953470][ T6580] loop3: detected capacity change from 0 to 4096 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6582 ./strace-static-x86_64: Process 6582 attached [pid 6582] chdir("./123") = 0 [pid 6582] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6582] setpgid(0, 0) = 0 [pid 6582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6582] write(3, "1000", 4) = 4 [pid 6582] close(3) = 0 [pid 6582] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6580] <... ioctl resumed>) = 0 [pid 6580] close(3) = 0 [pid 6580] mkdir("./file0", 0777 [pid 6582] memfd_create("syzkaller", 0 [pid 6580] <... mkdir resumed>) = 0 [pid 6582] <... memfd_create resumed>) = 3 [pid 6580] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 321.127907][ T6580] NILFS (loop3): invalid segment: Checksum error in segment payload [ 321.139910][ T6580] NILFS (loop3): trying rollback from an earlier position [pid 6582] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6582] munmap(0x7fc0314e0000, 2097152 [pid 6573] <... sendfile resumed>) = 1048576 [pid 6573] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6573] exit_group(0) = ? [pid 6582] <... munmap resumed>) = 0 [pid 6573] +++ exited with 0 +++ [pid 6582] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6573, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6582] <... openat resumed>) = 4 [pid 6582] ioctl(4, LOOP_SET_FD, 3 [pid 5069] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./125/binderfs") = 0 [pid 5069] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6582] <... ioctl resumed>) = 0 [pid 6580] <... mount resumed>) = 0 [pid 6582] close(3 [pid 6580] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6582] <... close resumed>) = 0 [pid 6580] <... openat resumed>) = 3 [pid 6582] mkdir("./file0", 0777 [pid 6580] chdir("./file0" [pid 6582] <... mkdir resumed>) = 0 [pid 6580] <... chdir resumed>) = 0 [pid 6582] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6580] ioctl(4, LOOP_CLR_FD) = 0 [pid 6580] close(4) = 0 [pid 6580] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 321.248438][ T6580] NILFS (loop3): recovery complete [ 321.264616][ T6582] loop2: detected capacity change from 0 to 4096 [ 321.272693][ T6583] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6574] <... sendfile resumed>) = 1048576 [pid 6580] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6574] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6580] <... open resumed>) = 5 [pid 6574] <... open resumed>) = -1 EFAULT (Bad address) [pid 6580] ftruncate(5, 33587195 [pid 6574] exit_group(0 [pid 6580] <... ftruncate resumed>) = 0 [pid 6574] <... exit_group resumed>) = ? [pid 6580] sendfile(4, 5, NULL, 281474978811909 [pid 6574] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6574, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./124/binderfs") = 0 [ 321.344783][ T6582] NILFS (loop2): invalid segment: Checksum error in segment payload [ 321.405087][ T6582] NILFS (loop2): trying rollback from an earlier position [pid 5068] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6575] <... sendfile resumed>) = 1048576 [pid 6575] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6575] exit_group(0) = ? [pid 6575] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6575, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 321.485923][ T6582] NILFS (loop2): recovery complete [pid 5069] <... umount2 resumed>) = 0 [pid 5064] unlink("./123/binderfs") = 0 [pid 6582] <... mount resumed>) = 0 [pid 5064] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6582] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6582] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6582] chdir("./file0" [pid 5069] lstat("./125/file0", [pid 6582] <... chdir resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6582] ioctl(4, LOOP_CLR_FD [pid 5069] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6582] <... ioctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6582] close(4 [pid 5069] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6582] <... close resumed>) = 0 [pid 6582] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5069] <... openat resumed>) = 4 [pid 6582] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] fstat(4, [pid 6582] <... open resumed>) = 5 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6582] ftruncate(5, 33587195 [pid 5069] getdents64(4, [pid 6582] <... ftruncate resumed>) = 0 [ 321.528834][ T6584] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6582] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 5068] <... umount2 resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./125/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./125") = 0 [pid 5069] mkdir("./126", 0777 [pid 5068] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 3 [pid 5068] lstat("./124/file0", [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... openat resumed>) = 4 [pid 5068] fstat(4, [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6585 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./124/file0") = 0 [pid 5068] getdents64(3, [pid 5064] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6585 attached [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6585] chdir("./126" [pid 5068] close(3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6585] <... chdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5064] lstat("./123/file0", [pid 6585] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] rmdir("./124" [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6585] <... prctl resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6585] setpgid(0, 0 [pid 5068] mkdir("./125", 0777 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6585] <... setpgid resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... openat resumed>) = 4 [pid 6585] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5064] fstat(4, [pid 6585] write(3, "1000", 4 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6585] <... write resumed>) = 4 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] getdents64(4, [pid 6585] close(3 [pid 5068] close(3 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6585] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5064] getdents64(4, [pid 6585] symlink("/dev/binderfs", "./binderfs" [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6585] <... symlink resumed>) = 0 [pid 5064] close(4./strace-static-x86_64: Process 6586 attached [pid 6585] memfd_create("syzkaller", 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6586 [pid 5064] <... close resumed>) = 0 [pid 6585] <... memfd_create resumed>) = 3 [pid 5064] rmdir("./123/file0" [pid 6585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... rmdir resumed>) = 0 [pid 6585] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] getdents64(3, [pid 6586] chdir("./125") = 0 [pid 6586] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6586] <... prctl resumed>) = 0 [pid 5064] close(3 [pid 6586] setpgid(0, 0) = 0 [pid 5064] <... close resumed>) = 0 [pid 6586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] rmdir("./123" [pid 6586] <... openat resumed>) = 3 [pid 6586] write(3, "1000", 4 [pid 5064] <... rmdir resumed>) = 0 [pid 6586] <... write resumed>) = 4 [pid 5064] mkdir("./124", 0777 [pid 6586] close(3) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 6586] symlink("/dev/binderfs", "./binderfs" [pid 6585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6586] <... symlink resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 6586] memfd_create("syzkaller", 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6586] <... memfd_create resumed>) = 3 [pid 6586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6586] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6587 ./strace-static-x86_64: Process 6587 attached [pid 6587] chdir("./124") = 0 [pid 6587] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6587] <... prctl resumed>) = 0 [pid 6587] setpgid(0, 0) = 0 [pid 6587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6587] write(3, "1000", 4) = 4 [pid 6587] close(3) = 0 [pid 6587] symlink("/dev/binderfs", "./binderfs" [pid 6585] <... write resumed>) = 2097152 [pid 6587] <... symlink resumed>) = 0 [pid 6585] munmap(0x7fc0314e0000, 2097152 [pid 6587] memfd_create("syzkaller", 0) = 3 [pid 6585] <... munmap resumed>) = 0 [pid 6587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6585] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6587] <... mmap resumed>) = 0x7fc0314e0000 [pid 6585] <... openat resumed>) = 4 [pid 6585] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6586] <... write resumed>) = 2097152 [pid 6586] munmap(0x7fc0314e0000, 2097152 [pid 6585] close(3) = 0 [pid 6585] mkdir("./file0", 0777) = 0 [pid 6585] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6586] <... munmap resumed>) = 0 [pid 6586] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 321.946600][ T6585] loop5: detected capacity change from 0 to 4096 [pid 6586] ioctl(4, LOOP_SET_FD, 3 [pid 6587] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6586] <... ioctl resumed>) = 0 [pid 6586] close(3) = 0 [pid 6586] mkdir("./file0", 0777) = 0 [pid 6586] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6587] <... write resumed>) = 2097152 [pid 6587] munmap(0x7fc0314e0000, 2097152) = 0 [ 322.003168][ T6586] loop4: detected capacity change from 0 to 4096 [ 322.036125][ T6585] NILFS (loop5): invalid segment: Checksum error in segment payload [ 322.044202][ T6585] NILFS (loop5): trying rollback from an earlier position [pid 6587] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6587] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6579] <... sendfile resumed>) = 1048576 [pid 6587] close(3 [pid 6579] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6587] <... close resumed>) = 0 [pid 6579] <... open resumed>) = -1 EFAULT (Bad address) [pid 6587] mkdir("./file0", 0777 [pid 6579] exit_group(0 [pid 6587] <... mkdir resumed>) = 0 [pid 6579] <... exit_group resumed>) = ? [ 322.090359][ T6586] NILFS (loop4): invalid segment: Checksum error in segment payload [ 322.100223][ T6587] loop0: detected capacity change from 0 to 4096 [pid 6587] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6579] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6579, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} --- [pid 5065] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 322.138005][ T6586] NILFS (loop4): trying rollback from an earlier position [ 322.177966][ T6585] NILFS (loop5): recovery complete [pid 5065] unlink("./123/binderfs") = 0 [pid 5065] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6585] <... mount resumed>) = 0 [pid 6585] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6585] chdir("./file0") = 0 [pid 6585] ioctl(4, LOOP_CLR_FD) = 0 [pid 6585] close(4) = 0 [pid 6585] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6585] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6585] ftruncate(5, 33587195) = 0 [ 322.186532][ T6587] NILFS (loop0): invalid segment: Checksum error in segment payload [ 322.212086][ T6588] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 322.224552][ T6587] NILFS (loop0): trying rollback from an earlier position [ 322.226222][ T6586] NILFS (loop4): recovery complete [pid 6585] sendfile(4, 5, NULL, 281474978811909 [pid 6586] <... mount resumed>) = 0 [pid 6582] <... sendfile resumed>) = 1048576 [pid 6586] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6582] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6586] <... openat resumed>) = 3 [pid 6586] chdir("./file0") = 0 [pid 6586] ioctl(4, LOOP_CLR_FD [pid 6582] <... open resumed>) = -1 EFAULT (Bad address) [pid 6586] <... ioctl resumed>) = 0 [pid 6582] exit_group(0 [pid 6586] close(4 [pid 6582] <... exit_group resumed>) = ? [pid 6586] <... close resumed>) = 0 [pid 6582] +++ exited with 0 +++ [pid 6586] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6582, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6586] <... open resumed>) = 4 [pid 6586] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6586] ftruncate(5, 33587195) = 0 [pid 6586] sendfile(4, 5, NULL, 281474978811909 [pid 5066] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 322.302717][ T6589] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 322.316949][ T6587] NILFS (loop0): recovery complete [pid 5066] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6587] <... mount resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 6587] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./123/binderfs") = 0 [pid 6587] <... openat resumed>) = 3 [pid 5066] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6587] chdir("./file0") = 0 [pid 6587] ioctl(4, LOOP_CLR_FD) = 0 [pid 6587] close(4 [pid 5065] <... umount2 resumed>) = 0 [pid 6587] <... close resumed>) = 0 [pid 6587] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6587] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6587] ftruncate(5, 33587195) = 0 [pid 6587] sendfile(4, 5, NULL, 281474978811909 [ 322.364746][ T6590] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6580] <... sendfile resumed>) = 1048576 [pid 6580] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6580] exit_group(0) = ? [pid 6580] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6580, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5067] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./125/binderfs", [pid 5065] lstat("./123/file0", [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./125/binderfs" [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./123/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./123") = 0 [pid 5065] mkdir("./124", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6591 ./strace-static-x86_64: Process 6591 attached [pid 6591] chdir("./124") = 0 [pid 6591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6591] setpgid(0, 0) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 6591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6591] write(3, "1000", 4) = 4 [pid 6591] close(3) = 0 [pid 6591] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6591] memfd_create("syzkaller", 0) = 3 [pid 6591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] lstat("./123/file0", [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./125/file0", [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... openat resumed>) = 4 [pid 5067] <... openat resumed>) = 4 [pid 5066] fstat(4, [pid 6591] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] fstat(4, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, [pid 5066] getdents64(4, [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5066] close(4 [pid 5067] <... close resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5067] rmdir("./125/file0" [pid 5066] rmdir("./123/file0" [pid 5067] <... rmdir resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5067] getdents64(3, [pid 5066] getdents64(3, [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5066] close(3 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./125" [pid 5066] <... close resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] mkdir("./126", 0777 [pid 5066] rmdir("./123" [pid 5067] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... rmdir resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5066] mkdir("./124", 0777 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5066] <... mkdir resumed>) = 0 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5067] close(3 [pid 5066] <... openat resumed>) = 3 [pid 5067] <... close resumed>) = 0 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6592 [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6593 ./strace-static-x86_64: Process 6593 attached ./strace-static-x86_64: Process 6592 attached [pid 6593] chdir("./124") = 0 [pid 6593] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6592] chdir("./126" [pid 6593] <... prctl resumed>) = 0 [pid 6592] <... chdir resumed>) = 0 [pid 6593] setpgid(0, 0) = 0 [pid 6593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6593] write(3, "1000", 4) = 4 [pid 6593] close(3) = 0 [pid 6592] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6593] symlink("/dev/binderfs", "./binderfs" [pid 6592] <... prctl resumed>) = 0 [pid 6591] <... write resumed>) = 2097152 [pid 6593] <... symlink resumed>) = 0 [pid 6592] setpgid(0, 0 [pid 6591] munmap(0x7fc0314e0000, 2097152 [pid 6593] memfd_create("syzkaller", 0 [pid 6592] <... setpgid resumed>) = 0 [pid 6593] <... memfd_create resumed>) = 3 [pid 6592] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6591] <... munmap resumed>) = 0 [pid 6593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6592] <... openat resumed>) = 3 [pid 6591] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6593] <... mmap resumed>) = 0x7fc0314e0000 [pid 6592] write(3, "1000", 4 [pid 6591] <... openat resumed>) = 4 [pid 6592] <... write resumed>) = 4 [pid 6591] ioctl(4, LOOP_SET_FD, 3 [pid 6592] close(3) = 0 [pid 6591] <... ioctl resumed>) = 0 [pid 6592] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6592] memfd_create("syzkaller", 0 [pid 6591] close(3 [pid 6592] <... memfd_create resumed>) = 3 [pid 6591] <... close resumed>) = 0 [pid 6592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6591] mkdir("./file0", 0777 [pid 6592] <... mmap resumed>) = 0x7fc0314e0000 [pid 6593] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6591] <... mkdir resumed>) = 0 [pid 6592] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 322.826532][ T6591] loop1: detected capacity change from 0 to 4096 [pid 6591] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6593] <... write resumed>) = 2097152 [pid 6592] <... write resumed>) = 2097152 [ 322.897337][ T6591] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 6593] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6593] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6592] munmap(0x7fc0314e0000, 2097152 [pid 6593] ioctl(4, LOOP_SET_FD, 3 [pid 6592] <... munmap resumed>) = 0 [pid 6592] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6593] <... ioctl resumed>) = 0 [pid 6592] <... openat resumed>) = 4 [pid 6593] close(3 [pid 6592] ioctl(4, LOOP_SET_FD, 3 [pid 6593] <... close resumed>) = 0 [ 322.956288][ T6591] NILFS (loop1): trying rollback from an earlier position [ 322.969877][ T6593] loop2: detected capacity change from 0 to 4096 [pid 6593] mkdir("./file0", 0777) = 0 [pid 6592] <... ioctl resumed>) = 0 [pid 6593] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6592] close(3) = 0 [pid 6592] mkdir("./file0", 0777) = 0 [ 323.009417][ T6592] loop3: detected capacity change from 0 to 4096 [ 323.030972][ T6591] NILFS (loop1): recovery complete [pid 6592] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6591] <... mount resumed>) = 0 [pid 6591] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 323.061449][ T6593] NILFS (loop2): invalid segment: Checksum error in segment payload [ 323.076851][ T6592] NILFS (loop3): invalid segment: Checksum error in segment payload [ 323.085193][ T6594] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 323.103066][ T6593] NILFS (loop2): trying rollback from an earlier position [pid 6591] chdir("./file0") = 0 [pid 6591] ioctl(4, LOOP_CLR_FD) = 0 [pid 6591] close(4 [pid 6593] <... mount resumed>) = 0 [pid 6591] <... close resumed>) = 0 [pid 6593] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6591] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6593] <... openat resumed>) = 3 [pid 6593] chdir("./file0" [pid 6591] <... open resumed>) = 4 [pid 6593] <... chdir resumed>) = 0 [pid 6591] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [ 323.115509][ T6592] NILFS (loop3): trying rollback from an earlier position [ 323.129765][ T6593] NILFS (loop2): recovery complete [ 323.151988][ T6595] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6593] ioctl(4, LOOP_CLR_FD [pid 6591] <... open resumed>) = 5 [pid 6593] <... ioctl resumed>) = 0 [pid 6591] ftruncate(5, 33587195 [pid 6593] close(4 [pid 6591] <... ftruncate resumed>) = 0 [pid 6593] <... close resumed>) = 0 [pid 6591] sendfile(4, 5, NULL, 281474978811909 [pid 6593] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6593] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6593] ftruncate(5, 33587195) = 0 [ 323.169537][ T6592] NILFS (loop3): recovery complete [pid 6593] sendfile(4, 5, NULL, 281474978811909 [pid 6592] <... mount resumed>) = 0 [pid 6592] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6592] chdir("./file0") = 0 [pid 6592] ioctl(4, LOOP_CLR_FD) = 0 [pid 6592] close(4) = 0 [pid 6592] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6592] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6592] ftruncate(5, 33587195) = 0 [ 323.217889][ T6596] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6592] sendfile(4, 5, NULL, 281474978811909 [pid 6585] <... sendfile resumed>) = 1048576 [pid 6585] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6585] exit_group(0) = ? [pid 6585] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6585, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 323.375316][ T6595] NILFS (loop2): nilfs_direct_assign (ino=6): invalid key: 130 [pid 5069] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./126/binderfs") = 0 [pid 5069] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6593] <... sendfile resumed>) = 65536 [pid 6593] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6587] <... sendfile resumed>) = 1048576 [pid 6593] exit_group(0 [pid 6587] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6593] <... exit_group resumed>) = ? [pid 6587] <... open resumed>) = -1 EFAULT (Bad address) [pid 6593] +++ exited with 0 +++ [pid 6587] exit_group(0) = ? [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6593, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6587] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6587, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5066] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... openat resumed>) = 3 [pid 5066] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, [pid 5066] <... openat resumed>) = 3 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 323.426082][ T6595] NILFS error (device loop2): nilfs_bmap_assign: broken bmap (inode number=6) [ 323.437769][ T6595] Remounting filesystem read-only [pid 5066] fstat(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./124/binderfs" [pid 6586] <... sendfile resumed>) = 1048576 [pid 5066] getdents64(3, [pid 5064] <... unlink resumed>) = 0 [pid 6586] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6586] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] lstat("./124/binderfs", [pid 6586] exit_group(0) = ? [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6586] +++ exited with 0 +++ [pid 5066] unlink("./124/binderfs" [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6586, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5066] <... unlink resumed>) = 0 [pid 5068] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./125/binderfs") = 0 [pid 5068] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] lstat("./126/file0", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./124/file0", [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 4 [pid 5066] <... umount2 resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] fstat(4, [pid 5064] <... openat resumed>) = 4 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] fstat(4, [pid 5069] getdents64(4, [pid 5066] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5069] getdents64(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5064] getdents64(4, [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./126/file0" [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5064] close(4 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./124/file0" [pid 5069] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5064] getdents64(3, [pid 5069] rmdir("./126" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5064] close(3) = 0 [pid 5069] mkdir("./127", 0777 [pid 5064] rmdir("./124" [pid 5069] <... mkdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] mkdir("./125", 0777 [pid 5069] <... openat resumed>) = 3 [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... openat resumed>) = 3 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] lstat("./124/file0", [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5069] close(3 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... close resumed>) = 0 [pid 5066] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] close(3 [pid 5066] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6597 [pid 5064] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 4 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] fstat(4, [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6598 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./124/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6598 attached [pid 5066] close(3) = 0 [pid 5066] rmdir("./124") = 0 [pid 5066] mkdir("./125", 0777 [pid 6598] chdir("./125" [pid 5066] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6598] <... chdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 6597 attached [pid 6598] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] close(3 [pid 6598] <... prctl resumed>) = 0 [pid 6597] chdir("./127" [pid 5066] <... close resumed>) = 0 [pid 6598] setpgid(0, 0 [pid 6597] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6598] <... setpgid resumed>) = 0 [pid 6598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6597] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6598] write(3, "1000", 4) = 4 [pid 6597] <... prctl resumed>) = 0 [pid 6598] close(3 [pid 6597] setpgid(0, 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6599 [pid 6598] <... close resumed>) = 0 [pid 6597] <... setpgid resumed>) = 0 [pid 6598] symlink("/dev/binderfs", "./binderfs" [pid 6597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6598] <... symlink resumed>) = 0 [pid 6598] memfd_create("syzkaller", 0 [pid 6597] <... openat resumed>) = 3 [pid 6598] <... memfd_create resumed>) = 3 [pid 6597] write(3, "1000", 4 [pid 6598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6597] <... write resumed>) = 4 [pid 5068] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6598] <... mmap resumed>) = 0x7fc0314e0000 [pid 6597] close(3./strace-static-x86_64: Process 6599 attached [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./125/file0", [pid 6597] <... close resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, [pid 6597] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6597] memfd_create("syzkaller", 0 [pid 5068] getdents64(4, [pid 6599] chdir("./125" [pid 6597] <... memfd_create resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6599] <... chdir resumed>) = 0 [pid 6597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] getdents64(4, [pid 6599] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6597] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./125/file0") = 0 [pid 5068] getdents64(3, [pid 6599] <... prctl resumed>) = 0 [pid 6597] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6599] setpgid(0, 0 [pid 5068] close(3 [pid 6599] <... setpgid resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] rmdir("./125" [pid 6599] <... openat resumed>) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 6599] write(3, "1000", 4 [pid 5068] mkdir("./126", 0777 [pid 6599] <... write resumed>) = 4 [pid 5068] <... mkdir resumed>) = 0 [pid 6599] close(3 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6599] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 6599] symlink("/dev/binderfs", "./binderfs" [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6599] <... symlink resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6599] memfd_create("syzkaller", 0 [pid 5068] close(3 [pid 6599] <... memfd_create resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 6599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6599] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6600 ./strace-static-x86_64: Process 6600 attached [pid 6600] chdir("./126") = 0 [pid 6599] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6600] setpgid(0, 0) = 0 [pid 6600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6600] write(3, "1000", 4) = 4 [pid 6600] close(3 [pid 6597] <... write resumed>) = 2097152 [pid 6600] <... close resumed>) = 0 [pid 6597] munmap(0x7fc0314e0000, 2097152 [pid 6600] symlink("/dev/binderfs", "./binderfs" [pid 6597] <... munmap resumed>) = 0 [pid 6600] <... symlink resumed>) = 0 [pid 6597] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6600] memfd_create("syzkaller", 0 [pid 6598] <... write resumed>) = 2097152 [pid 6597] <... openat resumed>) = 4 [pid 6600] <... memfd_create resumed>) = 3 [pid 6597] ioctl(4, LOOP_SET_FD, 3 [pid 6600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6598] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6598] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6597] <... ioctl resumed>) = 0 [pid 6600] <... mmap resumed>) = 0x7fc0314e0000 [pid 6598] <... openat resumed>) = 4 [pid 6597] close(3 [pid 6598] ioctl(4, LOOP_SET_FD, 3 [pid 6597] <... close resumed>) = 0 [pid 6597] mkdir("./file0", 0777 [pid 6599] <... write resumed>) = 2097152 [pid 6597] <... mkdir resumed>) = 0 [pid 6599] munmap(0x7fc0314e0000, 2097152 [pid 6597] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6599] <... munmap resumed>) = 0 [pid 6599] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6599] ioctl(4, LOOP_SET_FD, 3 [pid 6598] <... ioctl resumed>) = 0 [pid 6598] close(3) = 0 [pid 6598] mkdir("./file0", 0777) = 0 [ 323.977058][ T6597] loop5: detected capacity change from 0 to 4096 [ 324.004100][ T6598] loop0: detected capacity change from 0 to 4096 [pid 6598] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6600] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6599] <... ioctl resumed>) = 0 [pid 6599] close(3) = 0 [ 324.026879][ T6599] loop2: detected capacity change from 0 to 4096 [ 324.057513][ T6597] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 6599] mkdir("./file0", 0777) = 0 [pid 6600] <... write resumed>) = 2097152 [pid 6599] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6600] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6600] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 324.073935][ T6598] NILFS (loop0): invalid segment: Checksum error in segment payload [ 324.083593][ T6597] NILFS (loop5): trying rollback from an earlier position [ 324.111640][ T6599] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6600] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6592] <... sendfile resumed>) = 1048576 [pid 6592] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6600] close(3 [pid 6592] <... open resumed>) = -1 EFAULT (Bad address) [pid 6600] <... close resumed>) = 0 [pid 6597] <... mount resumed>) = 0 [pid 6592] exit_group(0 [pid 6600] mkdir("./file0", 0777 [pid 6592] <... exit_group resumed>) = ? [pid 6597] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6597] chdir("./file0") = 0 [pid 6597] ioctl(4, LOOP_CLR_FD) = 0 [ 324.138173][ T6598] NILFS (loop0): trying rollback from an earlier position [ 324.146433][ T6600] loop4: detected capacity change from 0 to 4096 [ 324.153321][ T6597] NILFS (loop5): recovery complete [ 324.164623][ T6601] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 324.177638][ T6599] NILFS (loop2): trying rollback from an earlier position [pid 6597] close(4 [pid 6600] <... mkdir resumed>) = 0 [pid 6597] <... close resumed>) = 0 [pid 6592] +++ exited with 0 +++ [pid 6600] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6597] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6597] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6597] ftruncate(5, 33587195) = 0 [pid 6597] sendfile(4, 5, NULL, 281474978811909 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6592, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6598] <... mount resumed>) = 0 [pid 6598] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 324.189407][ T6598] NILFS (loop0): recovery complete [ 324.202289][ T6602] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 324.213063][ T6599] NILFS (loop2): recovery complete [ 324.227663][ T6600] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6599] <... mount resumed>) = 0 [pid 6598] chdir("./file0" [pid 6599] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6598] <... chdir resumed>) = 0 [pid 6599] <... openat resumed>) = 3 [pid 6598] ioctl(4, LOOP_CLR_FD [pid 6600] <... mount resumed>) = 0 [pid 6599] chdir("./file0" [pid 6598] <... ioctl resumed>) = 0 [pid 5067] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6599] <... chdir resumed>) = 0 [pid 6600] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6599] ioctl(4, LOOP_CLR_FD [pid 6598] close(4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6600] <... openat resumed>) = 3 [pid 6599] <... ioctl resumed>) = 0 [pid 6598] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6600] chdir("./file0" [pid 6599] close(4 [pid 6598] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... openat resumed>) = 3 [pid 6600] <... chdir resumed>) = 0 [pid 6599] <... close resumed>) = 0 [pid 5067] fstat(3, [pid 6600] ioctl(4, LOOP_CLR_FD [pid 6599] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6598] <... open resumed>) = 4 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6600] <... ioctl resumed>) = 0 [pid 5067] getdents64(3, [pid 6600] close(4 [pid 6599] <... open resumed>) = 4 [pid 6598] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6600] <... close resumed>) = 0 [pid 6599] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6598] <... open resumed>) = 5 [pid 6600] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6599] <... open resumed>) = 5 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6598] ftruncate(5, 33587195 [pid 5067] lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6600] <... open resumed>) = 4 [pid 6599] ftruncate(5, 33587195 [pid 5067] unlink("./126/binderfs" [pid 6600] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6599] <... ftruncate resumed>) = 0 [pid 6598] <... ftruncate resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6600] <... open resumed>) = 5 [pid 6599] sendfile(4, 5, NULL, 281474978811909 [pid 6598] sendfile(4, 5, NULL, 281474978811909 [pid 6600] ftruncate(5, 33587195) = 0 [ 324.236742][ T6600] NILFS (loop4): trying rollback from an earlier position [ 324.243205][ T6603] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 324.257719][ T6600] NILFS (loop4): recovery complete [ 324.269901][ T6604] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6600] sendfile(4, 5, NULL, 281474978811909 [pid 6591] <... sendfile resumed>) = 1048576 [pid 6591] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6591] exit_group(0) = ? [pid 6591] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6591, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./124/binderfs") = 0 [pid 5065] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./126/file0", [pid 5065] <... umount2 resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./126/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./126") = 0 [pid 5067] mkdir("./127", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 5065] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./124/file0", [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6605 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./124/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 ./strace-static-x86_64: Process 6605 attached [pid 5065] rmdir("./124" [pid 6605] chdir("./127" [pid 5065] <... rmdir resumed>) = 0 [pid 6605] <... chdir resumed>) = 0 [pid 5065] mkdir("./125", 0777 [pid 6605] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... mkdir resumed>) = 0 [pid 6605] <... prctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6605] setpgid(0, 0 [pid 5065] <... openat resumed>) = 3 [pid 6605] <... setpgid resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6605] <... openat resumed>) = 3 [pid 5065] close(3 [pid 6605] write(3, "1000", 4 [pid 5065] <... close resumed>) = 0 [pid 6605] <... write resumed>) = 4 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6605] close(3) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6606 [pid 6605] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6605] memfd_create("syzkaller", 0) = 3 [pid 6605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 6606 attached [pid 6606] chdir("./125") = 0 [pid 6606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6606] setpgid(0, 0 [pid 6605] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6606] <... setpgid resumed>) = 0 [pid 6606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6606] write(3, "1000", 4) = 4 [pid 6606] close(3) = 0 [pid 6606] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6606] memfd_create("syzkaller", 0) = 3 [pid 6606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6605] <... write resumed>) = 2097152 [pid 6606] <... mmap resumed>) = 0x7fc0314e0000 [pid 6605] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6605] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6605] ioctl(4, LOOP_SET_FD, 3 [pid 6606] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6605] <... ioctl resumed>) = 0 [pid 6605] close(3) = 0 [pid 6605] mkdir("./file0", 0777) = 0 [ 324.845161][ T6605] loop3: detected capacity change from 0 to 4096 [pid 6605] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6606] <... write resumed>) = 2097152 [pid 6606] munmap(0x7fc0314e0000, 2097152) = 0 [ 324.914367][ T6605] NILFS (loop3): invalid segment: Checksum error in segment payload [ 324.953286][ T6605] NILFS (loop3): trying rollback from an earlier position [pid 6606] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6606] ioctl(4, LOOP_SET_FD, 3 [pid 6605] <... mount resumed>) = 0 [pid 6606] <... ioctl resumed>) = 0 [pid 6605] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6606] close(3 [pid 6605] <... openat resumed>) = 3 [pid 6606] <... close resumed>) = 0 [pid 6605] chdir("./file0" [pid 6606] mkdir("./file0", 0777 [pid 6605] <... chdir resumed>) = 0 [pid 6606] <... mkdir resumed>) = 0 [pid 6605] ioctl(4, LOOP_CLR_FD [pid 6606] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6605] <... ioctl resumed>) = 0 [pid 6605] close(4) = 0 [ 324.973579][ T6605] NILFS (loop3): recovery complete [ 324.992482][ T6607] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 325.016810][ T6606] loop1: detected capacity change from 0 to 4096 [pid 6605] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6605] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6605] ftruncate(5, 33587195) = 0 [ 325.058308][ T6606] NILFS (loop1): invalid segment: Checksum error in segment payload [ 325.086154][ T6606] NILFS (loop1): trying rollback from an earlier position [ 325.169616][ T6606] NILFS (loop1): recovery complete [pid 6605] sendfile(4, 5, NULL, 281474978811909 [pid 6606] <... mount resumed>) = 0 [pid 6606] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6606] chdir("./file0") = 0 [pid 6606] ioctl(4, LOOP_CLR_FD) = 0 [pid 6606] close(4) = 0 [pid 6606] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 325.201313][ T6608] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6606] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6606] ftruncate(5, 33587195) = 0 [pid 6606] sendfile(4, 5, NULL, 281474978811909 [pid 6597] <... sendfile resumed>) = 1048576 [pid 6597] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6597] exit_group(0) = ? [pid 6597] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6597, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./127/binderfs") = 0 [pid 5069] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6599] <... sendfile resumed>) = 1048576 [pid 6599] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6599] exit_group(0) = ? [pid 6599] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6599, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5066] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6600] <... sendfile resumed>) = 1048576 [pid 5066] <... openat resumed>) = 3 [pid 6600] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] fstat(3, [pid 6600] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6600] exit_group(0) = ? [pid 5066] getdents64(3, [pid 6600] +++ exited with 0 +++ [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6600, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5066] lstat("./125/binderfs", [pid 5068] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] unlink("./125/binderfs" [pid 5068] <... openat resumed>) = 3 [pid 5068] fstat(3, [pid 5066] <... unlink resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./126/binderfs") = 0 [pid 5068] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6598] <... sendfile resumed>) = 1048576 [pid 5069] lstat("./127/file0", [pid 6598] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6598] exit_group(0 [pid 5069] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6598] <... exit_group resumed>) = ? [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6598] +++ exited with 0 +++ [pid 5069] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6598, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 5069] getdents64(4, [pid 5064] <... restart_syscall resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5064] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./127/file0" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5069] close(3 [pid 5064] fstat(3, [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./127" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, [pid 5069] mkdir("./128", 0777 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... mkdir resumed>) = 0 [pid 5064] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5064] lstat("./125/binderfs", [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] close(3 [pid 5064] unlink("./125/binderfs" [pid 5069] <... close resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6609 attached [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6609 [pid 5066] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./125/file0", [pid 6609] chdir("./128" [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6609] <... chdir resumed>) = 0 [pid 5066] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6609] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6609] <... prctl resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6609] setpgid(0, 0 [pid 5066] <... openat resumed>) = 4 [pid 6609] <... setpgid resumed>) = 0 [pid 5066] fstat(4, [pid 6609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6609] <... openat resumed>) = 3 [pid 5066] getdents64(4, [pid 6609] write(3, "1000", 4 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6609] <... write resumed>) = 4 [pid 5066] getdents64(4, [pid 6609] close(3) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6609] symlink("/dev/binderfs", "./binderfs" [pid 5066] close(4 [pid 6609] <... symlink resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 6609] memfd_create("syzkaller", 0 [pid 5066] rmdir("./125/file0" [pid 6609] <... memfd_create resumed>) = 3 [pid 5066] <... rmdir resumed>) = 0 [pid 6609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] getdents64(3, [pid 6609] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./125") = 0 [pid 5066] mkdir("./126", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 6609] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6610 ./strace-static-x86_64: Process 6610 attached [pid 6610] chdir("./126") = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 6610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6610] setpgid(0, 0 [pid 5068] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6610] <... setpgid resumed>) = 0 [pid 6610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6610] write(3, "1000", 4 [pid 5068] lstat("./126/file0", [pid 6610] <... write resumed>) = 4 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 6610] close(3 [pid 5068] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6610] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6610] symlink("/dev/binderfs", "./binderfs" [pid 5068] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] lstat("./125/file0", [pid 6610] <... symlink resumed>) = 0 [pid 6609] <... write resumed>) = 2097152 [pid 5068] <... openat resumed>) = 4 [pid 6610] memfd_create("syzkaller", 0 [pid 6609] munmap(0x7fc0314e0000, 2097152 [pid 5068] fstat(4, [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6610] <... memfd_create resumed>) = 3 [pid 6609] <... munmap resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6609] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6610] <... mmap resumed>) = 0x7fc0314e0000 [pid 6609] <... openat resumed>) = 4 [pid 5068] getdents64(4, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6609] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6610] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6609] <... ioctl resumed>) = 0 [pid 5068] close(4 [pid 5064] <... openat resumed>) = 4 [pid 6609] close(3 [pid 5068] <... close resumed>) = 0 [pid 5064] fstat(4, [pid 6609] <... close resumed>) = 0 [pid 5068] rmdir("./126/file0" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6609] mkdir("./file0", 0777 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] getdents64(4, [pid 6609] <... mkdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6609] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] getdents64(4, [pid 5068] close(3 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] <... close resumed>) = 0 [pid 5064] close(4 [pid 5068] rmdir("./126" [pid 5064] <... close resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5064] rmdir("./125/file0" [pid 5068] mkdir("./127", 0777 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5064] getdents64(3, [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5064] close(3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5064] <... close resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] rmdir("./125" [pid 5068] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5064] mkdir("./126", 0777 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6611 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6612 [ 325.848731][ T6609] loop5: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6612 attached ./strace-static-x86_64: Process 6611 attached [pid 6611] chdir("./127") = 0 [pid 6612] chdir("./126" [pid 6611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6611] setpgid(0, 0) = 0 [pid 6611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6611] write(3, "1000", 4) = 4 [pid 6611] close(3) = 0 [pid 6611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6611] memfd_create("syzkaller", 0) = 3 [pid 6611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6612] <... chdir resumed>) = 0 [pid 6612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6612] setpgid(0, 0) = 0 [pid 6612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6612] write(3, "1000", 4) = 4 [pid 6612] close(3) = 0 [ 325.892656][ T6609] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 6612] symlink("/dev/binderfs", "./binderfs" [pid 6610] <... write resumed>) = 2097152 [pid 6610] munmap(0x7fc0314e0000, 2097152 [pid 6612] <... symlink resumed>) = 0 [pid 6610] <... munmap resumed>) = 0 [pid 6612] memfd_create("syzkaller", 0 [pid 6610] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6612] <... memfd_create resumed>) = 3 [pid 6610] <... openat resumed>) = 4 [pid 6610] ioctl(4, LOOP_SET_FD, 3 [pid 6612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6611] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6610] <... ioctl resumed>) = 0 [pid 6610] close(3) = 0 [pid 6610] mkdir("./file0", 0777 [pid 6612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6610] <... mkdir resumed>) = 0 [ 325.946667][ T6609] NILFS (loop5): trying rollback from an earlier position [ 325.960644][ T6610] loop2: detected capacity change from 0 to 4096 [pid 6610] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6609] <... mount resumed>) = 0 [pid 6609] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6609] chdir("./file0") = 0 [pid 6609] ioctl(4, LOOP_CLR_FD) = 0 [pid 6609] close(4) = 0 [pid 6609] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6609] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6609] ftruncate(5, 33587195) = 0 [pid 6609] sendfile(4, 5, NULL, 281474978811909 [pid 6611] <... write resumed>) = 2097152 [pid 6611] munmap(0x7fc0314e0000, 2097152 [ 326.022119][ T6609] NILFS (loop5): recovery complete [ 326.038904][ T6610] NILFS (loop2): invalid segment: Checksum error in segment payload [ 326.051304][ T6613] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6612] <... write resumed>) = 2097152 [pid 6611] <... munmap resumed>) = 0 [pid 6611] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6611] ioctl(4, LOOP_SET_FD, 3 [pid 6612] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6612] ioctl(4, LOOP_SET_FD, 3 [pid 6611] <... ioctl resumed>) = 0 [pid 6611] close(3 [pid 6612] <... ioctl resumed>) = 0 [ 326.106321][ T6610] NILFS (loop2): trying rollback from an earlier position [ 326.125180][ T6611] loop4: detected capacity change from 0 to 4096 [pid 6611] <... close resumed>) = 0 [pid 6612] close(3 [pid 6611] mkdir("./file0", 0777 [pid 6612] <... close resumed>) = 0 [pid 6612] mkdir("./file0", 0777 [pid 6611] <... mkdir resumed>) = 0 [pid 6612] <... mkdir resumed>) = 0 [pid 6611] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 326.166088][ T6612] loop0: detected capacity change from 0 to 4096 [ 326.180756][ T6610] NILFS (loop2): recovery complete [pid 6612] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6610] <... mount resumed>) = 0 [pid 6610] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6610] chdir("./file0" [pid 6605] <... sendfile resumed>) = 1048576 [pid 6610] <... chdir resumed>) = 0 [pid 6605] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6610] ioctl(4, LOOP_CLR_FD [pid 6605] <... open resumed>) = -1 EFAULT (Bad address) [pid 6610] <... ioctl resumed>) = 0 [pid 6605] exit_group(0 [pid 6610] close(4 [ 326.212580][ T6612] NILFS (loop0): invalid segment: Checksum error in segment payload [ 326.226545][ T6614] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 326.227005][ T6611] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6605] <... exit_group resumed>) = ? [pid 6610] <... close resumed>) = 0 [pid 6610] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6605] +++ exited with 0 +++ [pid 6610] <... open resumed>) = 4 [pid 6610] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6605, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 6610] <... open resumed>) = 5 [pid 5067] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6610] ftruncate(5, 33587195 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6610] <... ftruncate resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6610] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... openat resumed>) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./127/binderfs") = 0 [ 326.266465][ T6612] NILFS (loop0): trying rollback from an earlier position [pid 5067] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6606] <... sendfile resumed>) = 1048576 [pid 6606] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6612] <... mount resumed>) = 0 [pid 6606] <... open resumed>) = -1 EFAULT (Bad address) [pid 6606] exit_group(0) = ? [ 326.327221][ T6611] NILFS (loop4): trying rollback from an earlier position [ 326.355410][ T6612] NILFS (loop0): recovery complete [ 326.365960][ T6615] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6606] +++ exited with 0 +++ [pid 6612] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6612] chdir("./file0" [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6606, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 6612] <... chdir resumed>) = 0 [pid 5065] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6612] ioctl(4, LOOP_CLR_FD [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6612] <... ioctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6612] close(4) = 0 [pid 5065] <... openat resumed>) = 3 [pid 6612] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6612] <... open resumed>) = 4 [pid 5065] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6612] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6612] <... open resumed>) = 5 [pid 5065] lstat("./125/binderfs", [pid 6612] ftruncate(5, 33587195 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6612] <... ftruncate resumed>) = 0 [pid 5065] unlink("./125/binderfs" [pid 6612] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... unlink resumed>) = 0 [ 326.367076][ T6611] NILFS (loop4): recovery complete [pid 5065] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6611] <... mount resumed>) = 0 [pid 6611] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6611] chdir("./file0") = 0 [pid 6611] ioctl(4, LOOP_CLR_FD) = 0 [pid 6611] close(4) = 0 [pid 6611] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6611] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6611] ftruncate(5, 33587195) = 0 [ 326.455795][ T6616] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6611] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./127/file0") = 0 [pid 5067] getdents64(3, [pid 5065] <... umount2 resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5065] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... close resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] rmdir("./127" [pid 5065] lstat("./125/file0", [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] mkdir("./128", 0777 [pid 5065] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... mkdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 4 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] fstat(4, [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] close(3 [pid 5065] getdents64(4, [pid 5067] <... close resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6617 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./125/file0") = 0 ./strace-static-x86_64: Process 6617 attached [pid 5065] getdents64(3, [pid 6617] chdir("./128" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6617] <... chdir resumed>) = 0 [pid 5065] close(3 [pid 6617] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./125" [pid 6617] <... prctl resumed>) = 0 [pid 6617] setpgid(0, 0 [pid 5065] <... rmdir resumed>) = 0 [pid 6617] <... setpgid resumed>) = 0 [pid 5065] mkdir("./126", 0777 [pid 6617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... mkdir resumed>) = 0 [pid 6617] <... openat resumed>) = 3 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6617] write(3, "1000", 4 [pid 5065] <... openat resumed>) = 3 [pid 6617] <... write resumed>) = 4 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6617] close(3 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6617] <... close resumed>) = 0 [pid 5065] close(3 [pid 6617] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... close resumed>) = 0 [pid 6617] <... symlink resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6617] memfd_create("syzkaller", 0) = 3 [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6618 [pid 6617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 6618 attached [pid 6617] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6618] chdir("./126") = 0 [pid 6618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6618] setpgid(0, 0) = 0 [pid 6618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6618] write(3, "1000", 4) = 4 [pid 6618] close(3) = 0 [pid 6618] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6618] memfd_create("syzkaller", 0) = 3 [pid 6618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6618] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6617] <... write resumed>) = 2097152 [pid 6617] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6617] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6617] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6618] <... write resumed>) = 2097152 [pid 6617] close(3) = 0 [pid 6617] mkdir("./file0", 0777) = 0 [pid 6617] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6618] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6618] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 326.929763][ T6617] loop3: detected capacity change from 0 to 4096 [pid 6618] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6618] close(3) = 0 [pid 6618] mkdir("./file0", 0777) = 0 [ 326.982542][ T6618] loop1: detected capacity change from 0 to 4096 [ 326.995966][ T6617] NILFS (loop3): invalid segment: Checksum error in segment payload [ 327.013257][ T6617] NILFS (loop3): trying rollback from an earlier position [ 327.069398][ T6618] NILFS (loop1): invalid segment: Checksum error in segment payload [ 327.106996][ T6617] NILFS (loop3): recovery complete [ 327.110747][ T6618] NILFS (loop1): trying rollback from an earlier position [pid 6618] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6609] <... sendfile resumed>) = 1048576 [pid 6609] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6609] exit_group(0) = ? [pid 6609] +++ exited with 0 +++ [pid 6617] <... mount resumed>) = 0 [pid 6617] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6609, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 6617] <... openat resumed>) = 3 [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 6617] chdir("./file0" [pid 5069] <... restart_syscall resumed>) = 0 [pid 6617] <... chdir resumed>) = 0 [pid 6617] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6617] close(4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6617] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6617] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... openat resumed>) = 3 [ 327.166292][ T6619] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6617] <... open resumed>) = 4 [pid 5069] fstat(3, [pid 6617] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6617] <... open resumed>) = 5 [pid 5069] getdents64(3, [pid 6617] ftruncate(5, 33587195 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6617] <... ftruncate resumed>) = 0 [pid 5069] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6617] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./128/binderfs") = 0 [ 327.278900][ T6618] NILFS (loop1): recovery complete [pid 5069] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6618] <... mount resumed>) = 0 [pid 6618] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6610] <... sendfile resumed>) = 1048576 [pid 6618] chdir("./file0" [pid 6610] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6618] <... chdir resumed>) = 0 [pid 6610] <... open resumed>) = -1 EFAULT (Bad address) [pid 6618] ioctl(4, LOOP_CLR_FD [pid 6610] exit_group(0 [pid 6618] <... ioctl resumed>) = 0 [pid 6610] <... exit_group resumed>) = ? [pid 6618] close(4) = 0 [pid 6618] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6610] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6610, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} --- [pid 5066] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6618] <... open resumed>) = 4 [pid 6618] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... openat resumed>) = 3 [pid 6618] <... open resumed>) = 5 [pid 5066] fstat(3, [pid 6618] ftruncate(5, 33587195 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6618] <... ftruncate resumed>) = 0 [pid 5066] getdents64(3, [pid 6618] sendfile(4, 5, NULL, 281474978811909 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 327.336086][ T6620] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./126/binderfs") = 0 [pid 5066] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6611] <... sendfile resumed>) = 1048576 [pid 6611] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6611] exit_group(0) = ? [pid 6611] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6611, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5069] <... umount2 resumed>) = 0 [pid 5068] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 5069] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./128/file0", [pid 5068] lstat("./127/binderfs", [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] unlink("./127/binderfs" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... unlink resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, [pid 6612] <... sendfile resumed>) = 1048576 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6612] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] getdents64(4, [pid 6612] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6612] exit_group(0 [pid 5069] close(4 [pid 6612] <... exit_group resumed>) = ? [pid 5069] <... close resumed>) = 0 [pid 6612] +++ exited with 0 +++ [pid 5069] rmdir("./128/file0" [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6612, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5064] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... rmdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, [pid 5069] getdents64(3, [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./126/binderfs" [pid 5069] close(3 [pid 5064] <... unlink resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5064] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./128") = 0 [pid 5069] mkdir("./129", 0777) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6622 [pid 5066] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6622 attached ) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6622] chdir("./129" [pid 5066] fstat(4, [pid 6622] <... chdir resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6622] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] getdents64(4, [pid 6622] <... prctl resumed>) = 0 [pid 6622] setpgid(0, 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, [pid 6622] <... setpgid resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 6622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./126/file0" [pid 6622] <... openat resumed>) = 3 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6622] write(3, "1000", 4 [pid 5066] close(3 [pid 6622] <... write resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 6622] close(3 [pid 5066] rmdir("./126" [pid 6622] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6622] symlink("/dev/binderfs", "./binderfs" [pid 5066] mkdir("./127", 0777 [pid 6622] <... symlink resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 6622] memfd_create("syzkaller", 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6622] <... memfd_create resumed>) = 3 [pid 6622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... openat resumed>) = 3 [pid 6622] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6623 ./strace-static-x86_64: Process 6623 attached [pid 6623] chdir("./127") = 0 [pid 6623] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6622] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6623] setpgid(0, 0) = 0 [pid 6623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6623] write(3, "1000", 4) = 4 [pid 6623] close(3) = 0 [pid 6623] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6623] memfd_create("syzkaller", 0) = 3 [pid 6623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = 0 [pid 6623] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, [pid 6622] <... write resumed>) = 2097152 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6622] munmap(0x7fc0314e0000, 2097152 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 6622] <... munmap resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6622] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] close(4 [pid 6622] <... openat resumed>) = 4 [pid 5068] <... close resumed>) = 0 [pid 6622] ioctl(4, LOOP_SET_FD, 3 [pid 5068] rmdir("./127/file0" [pid 5064] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] <... rmdir resumed>) = 0 [pid 6622] <... ioctl resumed>) = 0 [pid 5068] getdents64(3, [pid 6622] close(3) = 0 [pid 5064] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6622] mkdir("./file0", 0777 [pid 5064] <... openat resumed>) = 4 [pid 5064] fstat(4, [pid 6622] <... mkdir resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6623] <... write resumed>) = 2097152 [pid 6622] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6623] munmap(0x7fc0314e0000, 2097152 [pid 5068] close(3 [pid 5064] getdents64(4, [pid 5068] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] rmdir("./127" [pid 5064] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./126/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./126") = 0 [pid 5064] mkdir("./127", 0777) = 0 [pid 5068] mkdir("./128", 0777 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6623] <... munmap resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 6623] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6624 [pid 6623] <... openat resumed>) = 4 [pid 5068] <... openat resumed>) = 3 [ 327.925861][ T6622] loop5: detected capacity change from 0 to 4096 [ 327.965277][ T6622] NILFS (loop5): invalid segment: Checksum error in segment payload ./strace-static-x86_64: Process 6624 attached [pid 6624] chdir("./127") = 0 [pid 6624] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6624] setpgid(0, 0) = 0 [pid 6624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6623] ioctl(4, LOOP_SET_FD, 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6624] <... openat resumed>) = 3 [pid 6623] <... ioctl resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6623] close(3 [pid 5068] close(3 [pid 6623] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6623] mkdir("./file0", 0777 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6624] write(3, "1000", 4 [pid 6623] <... mkdir resumed>) = 0 [pid 6624] <... write resumed>) = 4 [pid 6623] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6624] close(3) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6625 [pid 6624] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6624] memfd_create("syzkaller", 0) = 3 [pid 6624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6625 attached ) = 0x7fc0314e0000 [ 327.977091][ T6622] NILFS (loop5): trying rollback from an earlier position [ 327.996384][ T6623] loop2: detected capacity change from 0 to 4096 [pid 6625] chdir("./128") = 0 [pid 6625] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6625] setpgid(0, 0) = 0 [pid 6625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6625] write(3, "1000", 4) = 4 [pid 6625] close(3) = 0 [pid 6625] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6625] memfd_create("syzkaller", 0) = 3 [ 328.045347][ T6623] NILFS (loop2): invalid segment: Checksum error in segment payload [ 328.054177][ T6623] NILFS (loop2): trying rollback from an earlier position [ 328.063367][ T6622] NILFS (loop5): recovery complete [pid 6625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6624] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6625] <... mmap resumed>) = 0x7fc0314e0000 [pid 6622] <... mount resumed>) = 0 [pid 6622] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6622] chdir("./file0") = 0 [pid 6622] ioctl(4, LOOP_CLR_FD) = 0 [pid 6622] close(4 [pid 6623] <... mount resumed>) = 0 [pid 6622] <... close resumed>) = 0 [ 328.101797][ T6626] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 328.126214][ T6623] NILFS (loop2): recovery complete [ 328.138444][ T6627] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6623] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6622] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6625] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6623] <... openat resumed>) = 3 [pid 6622] <... open resumed>) = 4 [pid 6623] chdir("./file0" [pid 6622] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6623] <... chdir resumed>) = 0 [pid 6622] <... open resumed>) = 5 [pid 6622] ftruncate(5, 33587195 [pid 6623] ioctl(4, LOOP_CLR_FD [pid 6622] <... ftruncate resumed>) = 0 [pid 6623] <... ioctl resumed>) = 0 [pid 6622] sendfile(4, 5, NULL, 281474978811909 [pid 6623] close(4) = 0 [pid 6623] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6624] <... write resumed>) = 2097152 [pid 6623] <... open resumed>) = 4 [pid 6623] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6623] ftruncate(5, 33587195) = 0 [pid 6623] sendfile(4, 5, NULL, 281474978811909 [pid 6617] <... sendfile resumed>) = 1048576 [pid 6617] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6617] exit_group(0 [pid 6624] munmap(0x7fc0314e0000, 2097152 [pid 6617] <... exit_group resumed>) = ? [pid 6624] <... munmap resumed>) = 0 [pid 6617] +++ exited with 0 +++ [pid 6624] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6617, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6624] <... openat resumed>) = 4 [pid 6624] ioctl(4, LOOP_SET_FD, 3 [pid 5067] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6625] <... write resumed>) = 2097152 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./128/binderfs") = 0 [pid 5067] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6624] <... ioctl resumed>) = 0 [pid 6624] close(3) = 0 [pid 6624] mkdir("./file0", 0777) = 0 [pid 6625] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6624] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6625] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 328.276761][ T6624] loop0: detected capacity change from 0 to 4096 [ 328.329898][ T6625] loop4: detected capacity change from 0 to 4096 [pid 6625] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6625] close(3) = 0 [pid 6625] mkdir("./file0", 0777) = 0 [ 328.383301][ T6624] NILFS (loop0): invalid segment: Checksum error in segment payload [ 328.423070][ T6624] NILFS (loop0): trying rollback from an earlier position [ 328.431805][ T6625] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6625] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 328.474230][ T6625] NILFS (loop4): trying rollback from an earlier position [ 328.504546][ T6624] NILFS (loop0): recovery complete [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6624] <... mount resumed>) = 0 [pid 5067] getdents64(4, [pid 6624] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6624] <... openat resumed>) = 3 [pid 5067] close(4 [pid 6624] chdir("./file0" [pid 5067] <... close resumed>) = 0 [pid 6624] <... chdir resumed>) = 0 [pid 5067] rmdir("./128/file0" [pid 6624] ioctl(4, LOOP_CLR_FD [pid 5067] <... rmdir resumed>) = 0 [pid 6624] <... ioctl resumed>) = 0 [pid 5067] getdents64(3, [pid 6624] close(4 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6624] <... close resumed>) = 0 [pid 5067] close(3 [pid 6624] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... close resumed>) = 0 [pid 6624] <... open resumed>) = 4 [pid 5067] rmdir("./128" [pid 6624] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... rmdir resumed>) = 0 [pid 6624] <... open resumed>) = 5 [pid 5067] mkdir("./129", 0777 [pid 6624] ftruncate(5, 33587195 [pid 5067] <... mkdir resumed>) = 0 [pid 6624] <... ftruncate resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 328.549848][ T6628] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 328.566196][ T6625] NILFS (loop4): recovery complete [pid 6624] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6630 ./strace-static-x86_64: Process 6630 attached [pid 6625] <... mount resumed>) = 0 [pid 6618] <... sendfile resumed>) = 1048576 [pid 6625] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6630] chdir("./129" [pid 6625] <... openat resumed>) = 3 [pid 6618] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6625] chdir("./file0") = 0 [pid 6618] <... open resumed>) = -1 EFAULT (Bad address) [pid 6625] ioctl(4, LOOP_CLR_FD) = 0 [pid 6618] exit_group(0 [pid 6630] <... chdir resumed>) = 0 [pid 6625] close(4 [pid 6618] <... exit_group resumed>) = ? [pid 6625] <... close resumed>) = 0 [pid 6625] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6630] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6625] <... open resumed>) = 4 [pid 6618] +++ exited with 0 +++ [pid 6630] <... prctl resumed>) = 0 [ 328.628486][ T6629] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6625] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6618, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6630] setpgid(0, 0 [pid 6625] <... open resumed>) = 5 [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 6630] <... setpgid resumed>) = 0 [pid 6625] ftruncate(5, 33587195 [pid 5065] <... restart_syscall resumed>) = 0 [pid 6625] <... ftruncate resumed>) = 0 [pid 6630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6625] sendfile(4, 5, NULL, 281474978811909 [pid 6630] <... openat resumed>) = 3 [pid 5065] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6630] write(3, "1000", 4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6630] <... write resumed>) = 4 [pid 5065] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6630] close(3 [pid 5065] <... openat resumed>) = 3 [pid 6630] <... close resumed>) = 0 [pid 5065] fstat(3, [pid 6630] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6630] <... symlink resumed>) = 0 [pid 5065] getdents64(3, [pid 6630] memfd_create("syzkaller", 0 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6630] <... memfd_create resumed>) = 3 [pid 5065] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6630] <... mmap resumed>) = 0x7fc0314e0000 [pid 5065] lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./126/binderfs") = 0 [pid 5065] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6630] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 5065] <... umount2 resumed>) = 0 [pid 6630] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6630] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6630] ioctl(4, LOOP_SET_FD, 3 [pid 5065] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./126/file0" [pid 6630] <... ioctl resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6630] close(3 [pid 5065] close(3 [pid 6630] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6630] mkdir("./file0", 0777 [pid 5065] rmdir("./126" [pid 6630] <... mkdir resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./127", 0777 [pid 6630] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... mkdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 328.993052][ T6630] loop3: detected capacity change from 0 to 4096 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6631 ./strace-static-x86_64: Process 6631 attached [pid 6631] chdir("./127") = 0 [pid 6631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6631] setpgid(0, 0) = 0 [pid 6631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6631] write(3, "1000", 4) = 4 [pid 6631] close(3) = 0 [pid 6631] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6631] memfd_create("syzkaller", 0) = 3 [pid 6631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 329.082373][ T6630] NILFS (loop3): invalid segment: Checksum error in segment payload [ 329.106274][ T6630] NILFS (loop3): trying rollback from an earlier position [ 329.191194][ T6630] NILFS (loop3): recovery complete [pid 6631] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6630] <... mount resumed>) = 0 [pid 6630] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6630] chdir("./file0") = 0 [pid 6630] ioctl(4, LOOP_CLR_FD) = 0 [pid 6630] close(4) = 0 [pid 6630] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6630] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6630] ftruncate(5, 33587195) = 0 [ 329.261062][ T6632] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6630] sendfile(4, 5, NULL, 281474978811909 [pid 6631] <... write resumed>) = 2097152 [pid 6631] munmap(0x7fc0314e0000, 2097152 [pid 6622] <... sendfile resumed>) = 1048576 [pid 6631] <... munmap resumed>) = 0 [pid 6622] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6631] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6622] <... open resumed>) = -1 EFAULT (Bad address) [pid 6631] <... openat resumed>) = 4 [pid 6622] exit_group(0 [pid 6631] ioctl(4, LOOP_SET_FD, 3 [pid 6622] <... exit_group resumed>) = ? [pid 6622] +++ exited with 0 +++ [pid 6623] <... sendfile resumed>) = 1048576 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6622, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6623] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 6631] <... ioctl resumed>) = 0 [pid 6623] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... restart_syscall resumed>) = 0 [pid 6631] close(3 [pid 6623] exit_group(0 [pid 6631] <... close resumed>) = 0 [pid 6623] <... exit_group resumed>) = ? [pid 6623] +++ exited with 0 +++ [pid 5069] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6623, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 6631] mkdir("./file0", 0777 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6631] <... mkdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6631] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./129/binderfs", [pid 5066] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./129/binderfs" [pid 5066] <... openat resumed>) = 3 [pid 5069] <... unlink resumed>) = 0 [pid 5066] fstat(3, [pid 5069] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 329.409944][ T6631] loop1: detected capacity change from 0 to 4096 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./127/binderfs") = 0 [ 329.499805][ T6631] NILFS (loop1): invalid segment: Checksum error in segment payload [ 329.539358][ T6631] NILFS (loop1): trying rollback from an earlier position [pid 5066] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6631] <... mount resumed>) = 0 [pid 6631] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... umount2 resumed>) = 0 [ 329.608214][ T6631] NILFS (loop1): recovery complete [ 329.622916][ T6633] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6631] <... openat resumed>) = 3 [pid 6631] chdir("./file0" [pid 5069] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6631] <... chdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6631] ioctl(4, LOOP_CLR_FD [pid 5069] lstat("./129/file0", [pid 6631] <... ioctl resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6631] close(4 [pid 5069] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6631] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6631] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6631] <... open resumed>) = 4 [pid 6625] <... sendfile resumed>) = 1048576 [pid 5069] <... openat resumed>) = 4 [pid 6631] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6625] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] fstat(4, [pid 6631] <... open resumed>) = 5 [pid 6631] ftruncate(5, 33587195 [pid 6625] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6631] <... ftruncate resumed>) = 0 [pid 6625] exit_group(0 [pid 6631] sendfile(4, 5, NULL, 281474978811909 [pid 6625] <... exit_group resumed>) = ? [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6625] +++ exited with 0 +++ [pid 5069] getdents64(4, [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6625, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 6624] <... sendfile resumed>) = 1048576 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./129/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(3) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] rmdir("./129" [pid 5068] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5069] mkdir("./130", 0777 [pid 5068] fstat(3, [pid 6624] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... mkdir resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6624] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6624] exit_group(0 [pid 5069] <... openat resumed>) = 3 [pid 5068] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6624] <... exit_group resumed>) = ? [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./128/binderfs") = 0 [pid 6624] +++ exited with 0 +++ [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(3 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./127/file0", [pid 5069] <... close resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6624, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5066] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(4, [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6634 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] close(4 [pid 5064] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./127/file0" [pid 5064] <... openat resumed>) = 3 [pid 5066] <... rmdir resumed>) = 0 [pid 5064] fstat(3, [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] close(3 [pid 5064] getdents64(3, [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./127" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] mkdir("./128", 0777) = 0 [pid 5064] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 3 [pid 5064] lstat("./127/binderfs", ./strace-static-x86_64: Process 6634 attached [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6634] chdir("./130" [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] unlink("./127/binderfs" [pid 6634] <... chdir resumed>) = 0 [pid 5066] close(3 [pid 5064] <... unlink resumed>) = 0 [pid 6634] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... close resumed>) = 0 [pid 5064] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6634] <... prctl resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6635 ./strace-static-x86_64: Process 6635 attached [pid 6634] setpgid(0, 0 [pid 6635] chdir("./128" [pid 6634] <... setpgid resumed>) = 0 [pid 6635] <... chdir resumed>) = 0 [pid 6634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6635] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6634] <... openat resumed>) = 3 [pid 6635] <... prctl resumed>) = 0 [pid 6634] write(3, "1000", 4 [pid 6635] setpgid(0, 0 [pid 6634] <... write resumed>) = 4 [pid 6635] <... setpgid resumed>) = 0 [pid 6634] close(3 [pid 6635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6634] <... close resumed>) = 0 [pid 6635] <... openat resumed>) = 3 [pid 6634] symlink("/dev/binderfs", "./binderfs" [pid 6635] write(3, "1000", 4) = 4 [pid 6634] <... symlink resumed>) = 0 [pid 6635] close(3 [pid 6634] memfd_create("syzkaller", 0 [pid 6635] <... close resumed>) = 0 [pid 6634] <... memfd_create resumed>) = 3 [pid 6635] symlink("/dev/binderfs", "./binderfs" [pid 6634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6635] <... symlink resumed>) = 0 [pid 6634] <... mmap resumed>) = 0x7fc0314e0000 [pid 6635] memfd_create("syzkaller", 0) = 3 [pid 6635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = 0 [pid 6634] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./128/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 6634] <... write resumed>) = 2097152 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./128") = 0 [pid 5068] mkdir("./129", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6636 [pid 6634] munmap(0x7fc0314e0000, 2097152./strace-static-x86_64: Process 6636 attached ) = 0 [pid 6634] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6636] chdir("./129" [pid 6635] <... write resumed>) = 2097152 [pid 6635] munmap(0x7fc0314e0000, 2097152 [pid 6634] <... openat resumed>) = 4 [pid 6636] <... chdir resumed>) = 0 [pid 6634] ioctl(4, LOOP_SET_FD, 3 [pid 6636] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6635] <... munmap resumed>) = 0 [pid 6634] <... ioctl resumed>) = 0 [pid 6636] <... prctl resumed>) = 0 [pid 6635] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6636] setpgid(0, 0) = 0 [pid 6635] <... openat resumed>) = 4 [pid 6636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6635] ioctl(4, LOOP_SET_FD, 3 [pid 6636] <... openat resumed>) = 3 [pid 5064] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6636] write(3, "1000", 4 [pid 5064] lstat("./127/file0", [pid 6636] <... write resumed>) = 4 [pid 6634] close(3 [pid 6636] close(3 [pid 6634] <... close resumed>) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6636] <... close resumed>) = 0 [pid 6634] mkdir("./file0", 0777 [pid 5064] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6636] symlink("/dev/binderfs", "./binderfs" [pid 6635] <... ioctl resumed>) = 0 [pid 6634] <... mkdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6636] <... symlink resumed>) = 0 [pid 6635] close(3 [pid 6634] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6636] memfd_create("syzkaller", 0 [pid 5064] <... openat resumed>) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6636] <... memfd_create resumed>) = 3 [pid 6635] <... close resumed>) = 0 [ 330.125972][ T6634] loop5: detected capacity change from 0 to 4096 [ 330.139709][ T6635] loop2: detected capacity change from 0 to 4096 [pid 5064] close(4 [pid 6636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6635] mkdir("./file0", 0777 [pid 5064] <... close resumed>) = 0 [pid 6636] <... mmap resumed>) = 0x7fc0314e0000 [pid 5064] rmdir("./127/file0") = 0 [pid 6635] <... mkdir resumed>) = 0 [pid 5064] getdents64(3, [pid 6635] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./127") = 0 [pid 5064] mkdir("./128", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6637 ./strace-static-x86_64: Process 6637 attached [pid 6637] chdir("./128") = 0 [pid 6637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6637] setpgid(0, 0) = 0 [pid 6636] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 330.174772][ T6634] NILFS (loop5): invalid segment: Checksum error in segment payload [ 330.211465][ T6635] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6637] write(3, "1000", 4) = 4 [pid 6637] close(3) = 0 [pid 6637] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6637] memfd_create("syzkaller", 0) = 3 [pid 6637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 330.242477][ T6634] NILFS (loop5): trying rollback from an earlier position [ 330.265611][ T6635] NILFS (loop2): trying rollback from an earlier position [ 330.331502][ T6634] NILFS (loop5): recovery complete [pid 6637] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6636] <... write resumed>) = 2097152 [pid 6636] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6636] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6636] ioctl(4, LOOP_SET_FD, 3 [pid 6634] <... mount resumed>) = 0 [pid 6634] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 330.354966][ T6635] NILFS (loop2): recovery complete [ 330.369402][ T6638] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 330.377297][ T6636] loop4: detected capacity change from 0 to 4096 [pid 6634] chdir("./file0") = 0 [pid 6635] <... mount resumed>) = 0 [pid 6634] ioctl(4, LOOP_CLR_FD [pid 6635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6634] <... ioctl resumed>) = 0 [pid 6635] <... openat resumed>) = 3 [pid 6634] close(4 [pid 6635] chdir("./file0" [pid 6634] <... close resumed>) = 0 [pid 6635] <... chdir resumed>) = 0 [pid 6634] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6635] ioctl(4, LOOP_CLR_FD) = 0 [pid 6634] <... open resumed>) = 4 [pid 6635] close(4 [pid 6634] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6635] <... close resumed>) = 0 [pid 6634] <... open resumed>) = 5 [pid 6637] <... write resumed>) = 2097152 [pid 6635] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [ 330.395745][ T6639] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6634] ftruncate(5, 33587195 [pid 6635] <... open resumed>) = 4 [pid 6634] <... ftruncate resumed>) = 0 [pid 6635] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6634] sendfile(4, 5, NULL, 281474978811909 [pid 6636] <... ioctl resumed>) = 0 [pid 6635] <... open resumed>) = 5 [pid 6636] close(3) = 0 [pid 6636] mkdir("./file0", 0777 [pid 6635] ftruncate(5, 33587195 [pid 6636] <... mkdir resumed>) = 0 [pid 6635] <... ftruncate resumed>) = 0 [pid 6635] sendfile(4, 5, NULL, 281474978811909 [pid 6636] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6637] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6637] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6630] <... sendfile resumed>) = 1048576 [pid 6637] <... openat resumed>) = 4 [pid 6630] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6637] ioctl(4, LOOP_SET_FD, 3 [pid 6630] <... open resumed>) = -1 EFAULT (Bad address) [pid 6630] exit_group(0) = ? [pid 6630] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6630, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5067] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6637] <... ioctl resumed>) = 0 [pid 5067] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6637] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6637] <... close resumed>) = 0 [pid 5067] lstat("./129/binderfs", [pid 6637] mkdir("./file0", 0777 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6637] <... mkdir resumed>) = 0 [pid 5067] unlink("./129/binderfs" [pid 6637] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... unlink resumed>) = 0 [ 330.492240][ T6637] loop0: detected capacity change from 0 to 4096 [ 330.519916][ T6636] NILFS (loop4): invalid segment: Checksum error in segment payload [ 330.577549][ T6636] NILFS (loop4): trying rollback from an earlier position [ 330.595194][ T6637] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 5067] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6636] <... mount resumed>) = 0 [ 330.642827][ T6637] NILFS (loop0): trying rollback from an earlier position [ 330.659949][ T6636] NILFS (loop4): recovery complete [pid 6636] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6636] chdir("./file0") = 0 [pid 6636] ioctl(4, LOOP_CLR_FD) = 0 [pid 6636] close(4) = 0 [pid 6636] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6636] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6636] ftruncate(5, 33587195) = 0 [ 330.699950][ T6640] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 330.737570][ T6637] NILFS (loop0): recovery complete [pid 6636] sendfile(4, 5, NULL, 281474978811909 [pid 6637] <... mount resumed>) = 0 [pid 6637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6637] chdir("./file0") = 0 [pid 6637] ioctl(4, LOOP_CLR_FD) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 6637] close(4 [pid 6631] <... sendfile resumed>) = 1048576 [pid 5067] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6637] <... close resumed>) = 0 [pid 6631] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6637] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6631] <... open resumed>) = -1 EFAULT (Bad address) [pid 6637] <... open resumed>) = 4 [pid 6631] exit_group(0 [pid 5067] lstat("./129/file0", [ 330.818077][ T6641] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6637] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6631] <... exit_group resumed>) = ? [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6637] <... open resumed>) = 5 [pid 6637] ftruncate(5, 33587195) = 0 [pid 6637] sendfile(4, 5, NULL, 281474978811909 [pid 6631] +++ exited with 0 +++ [pid 5067] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6631, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, [pid 5065] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5067] close(4 [pid 5065] fstat(3, [pid 5067] <... close resumed>) = 0 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] rmdir("./129/file0" [pid 5065] getdents64(3, [pid 5067] <... rmdir resumed>) = 0 [pid 5067] getdents64(3, [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] close(3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... close resumed>) = 0 [pid 5065] lstat("./127/binderfs", [pid 5067] rmdir("./129" [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] unlink("./127/binderfs") = 0 [pid 5067] mkdir("./130", 0777 [pid 5065] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6642 ./strace-static-x86_64: Process 6642 attached [pid 6642] chdir("./130") = 0 [pid 6642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6642] setpgid(0, 0) = 0 [pid 6642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6642] write(3, "1000", 4) = 4 [pid 6642] close(3) = 0 [pid 6642] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6642] memfd_create("syzkaller", 0) = 3 [pid 6642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6642] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6642] <... write resumed>) = 2097152 [pid 5065] close(4 [pid 6642] munmap(0x7fc0314e0000, 2097152 [pid 5065] <... close resumed>) = 0 [pid 6642] <... munmap resumed>) = 0 [pid 5065] rmdir("./127/file0" [pid 6642] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... rmdir resumed>) = 0 [pid 6642] <... openat resumed>) = 4 [pid 5065] getdents64(3, [pid 6642] ioctl(4, LOOP_SET_FD, 3 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 6642] <... ioctl resumed>) = 0 [pid 5065] rmdir("./127" [pid 6642] close(3 [pid 5065] <... rmdir resumed>) = 0 [pid 6642] <... close resumed>) = 0 [pid 5065] mkdir("./128", 0777 [pid 6642] mkdir("./file0", 0777 [pid 5065] <... mkdir resumed>) = 0 [pid 6642] <... mkdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6642] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... openat resumed>) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6643 ./strace-static-x86_64: Process 6643 attached [pid 6643] chdir("./128") = 0 [pid 6643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 331.245177][ T6642] loop3: detected capacity change from 0 to 4096 [pid 6643] setpgid(0, 0) = 0 [pid 6643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6643] write(3, "1000", 4) = 4 [pid 6643] close(3) = 0 [pid 6643] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6643] memfd_create("syzkaller", 0) = 3 [pid 6643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 331.304565][ T6642] NILFS (loop3): invalid segment: Checksum error in segment payload [ 331.322141][ T6642] NILFS (loop3): trying rollback from an earlier position [ 331.374171][ T6642] NILFS (loop3): recovery complete [pid 6643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6642] <... mount resumed>) = 0 [pid 6642] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6634] <... sendfile resumed>) = 1048576 [pid 6642] chdir("./file0" [pid 6634] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6642] <... chdir resumed>) = 0 [pid 6642] ioctl(4, LOOP_CLR_FD [pid 6634] <... open resumed>) = -1 EFAULT (Bad address) [pid 6642] <... ioctl resumed>) = 0 [pid 6634] exit_group(0 [pid 6642] close(4 [pid 6634] <... exit_group resumed>) = ? [pid 6642] <... close resumed>) = 0 [pid 6642] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6634] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6634, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6642] <... open resumed>) = 4 [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6642] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5069] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6642] ftruncate(5, 33587195 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6642] <... ftruncate resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6642] sendfile(4, 5, NULL, 281474978811909 [pid 6643] <... write resumed>) = 2097152 [pid 5069] <... openat resumed>) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 331.427645][ T6644] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5069] lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./130/binderfs" [pid 6643] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... unlink resumed>) = 0 [pid 5069] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6643] <... munmap resumed>) = 0 [pid 6643] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6643] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6643] close(3) = 0 [pid 6643] mkdir("./file0", 0777) = 0 [pid 6643] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6635] <... sendfile resumed>) = 1048576 [pid 6635] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 331.557774][ T6643] loop1: detected capacity change from 0 to 4096 [pid 6635] exit_group(0) = ? [pid 6635] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6635, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./128/binderfs") = 0 [pid 5066] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./130/file0") = 0 [ 331.663586][ T6643] NILFS (loop1): invalid segment: Checksum error in segment payload [ 331.685902][ T6643] NILFS (loop1): trying rollback from an earlier position [ 331.741478][ T6643] NILFS (loop1): recovery complete [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 6643] <... mount resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./130" [pid 6643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 6643] <... openat resumed>) = 3 [pid 5069] mkdir("./131", 0777 [pid 6643] chdir("./file0" [pid 5069] <... mkdir resumed>) = 0 [pid 6643] <... chdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6643] ioctl(4, LOOP_CLR_FD [pid 5069] <... openat resumed>) = 3 [pid 6643] <... ioctl resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6643] close(4 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6643] <... close resumed>) = 0 [pid 5069] close(3 [pid 6643] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6643] <... open resumed>) = 4 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6646 [pid 6643] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 ./strace-static-x86_64: Process 6646 attached [ 331.769046][ T6645] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6643] ftruncate(5, 33587195 [pid 5066] <... umount2 resumed>) = 0 [pid 6646] chdir("./131" [pid 6643] <... ftruncate resumed>) = 0 [pid 6646] <... chdir resumed>) = 0 [pid 6643] sendfile(4, 5, NULL, 281474978811909 [pid 5066] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6646] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6646] setpgid(0, 0 [pid 5066] lstat("./128/file0", [pid 6646] <... setpgid resumed>) = 0 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6646] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6646] write(3, "1000", 4 [pid 5066] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6646] <... write resumed>) = 4 [pid 5066] <... openat resumed>) = 4 [pid 6646] close(3 [pid 5066] fstat(4, [pid 6646] <... close resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6646] symlink("/dev/binderfs", "./binderfs" [pid 5066] getdents64(4, [pid 6646] <... symlink resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6646] memfd_create("syzkaller", 0 [pid 6636] <... sendfile resumed>) = 1048576 [pid 5066] getdents64(4, [pid 6646] <... memfd_create resumed>) = 3 [pid 6636] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6646] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6636] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] close(4 [pid 6646] <... mmap resumed>) = 0x7fc0314e0000 [pid 6636] exit_group(0 [pid 5066] <... close resumed>) = 0 [pid 6636] <... exit_group resumed>) = ? [pid 5066] rmdir("./128/file0" [pid 6636] +++ exited with 0 +++ [pid 5066] <... rmdir resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6636, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5066] getdents64(3, [pid 6637] <... sendfile resumed>) = 1048576 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6637] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5066] close(3 [pid 6637] <... open resumed>) = -1 EFAULT (Bad address) [pid 5066] <... close resumed>) = 0 [pid 6637] exit_group(0 [pid 5066] rmdir("./128" [pid 6637] <... exit_group resumed>) = ? [pid 5066] <... rmdir resumed>) = 0 [pid 6637] +++ exited with 0 +++ [pid 5068] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] mkdir("./129", 0777 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6646] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... openat resumed>) = 3 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6637, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5068] fstat(3, [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... restart_syscall resumed>) = 0 [pid 5068] getdents64(3, [pid 5066] close(3 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6647 [pid 5068] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./129/binderfs", [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] unlink("./129/binderfs" [pid 6646] <... write resumed>) = 2097152 [pid 5068] <... unlink resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5068] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6647 attached [pid 5064] lstat("./128/binderfs", [pid 6647] chdir("./129" [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6647] <... chdir resumed>) = 0 [pid 6647] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] unlink("./128/binderfs" [pid 6647] <... prctl resumed>) = 0 [pid 6647] setpgid(0, 0 [pid 5064] <... unlink resumed>) = 0 [pid 6647] <... setpgid resumed>) = 0 [pid 6647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6647] <... openat resumed>) = 3 [pid 6646] munmap(0x7fc0314e0000, 2097152 [pid 6647] write(3, "1000", 4) = 4 [pid 6646] <... munmap resumed>) = 0 [pid 6647] close(3 [pid 6646] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6647] <... close resumed>) = 0 [pid 6646] <... openat resumed>) = 4 [pid 6647] symlink("/dev/binderfs", "./binderfs" [pid 6646] ioctl(4, LOOP_SET_FD, 3 [pid 6647] <... symlink resumed>) = 0 [pid 6646] <... ioctl resumed>) = 0 [pid 6647] memfd_create("syzkaller", 0 [pid 6646] close(3 [pid 6647] <... memfd_create resumed>) = 3 [pid 6646] <... close resumed>) = 0 [pid 6647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6646] mkdir("./file0", 0777 [pid 6647] <... mmap resumed>) = 0x7fc0314e0000 [pid 6646] <... mkdir resumed>) = 0 [ 332.088552][ T6646] loop5: detected capacity change from 0 to 4096 [pid 6646] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] <... umount2 resumed>) = 0 [pid 6647] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./129/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./129") = 0 [ 332.166210][ T6646] NILFS (loop5): invalid segment: Checksum error in segment payload [ 332.186660][ T6646] NILFS (loop5): trying rollback from an earlier position [pid 5068] mkdir("./130", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6647] <... write resumed>) = 2097152 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... umount2 resumed>) = 0 [pid 6647] munmap(0x7fc0314e0000, 2097152 [pid 5068] close(3 [pid 5064] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6647] <... munmap resumed>) = 0 [ 332.237585][ T6646] NILFS (loop5): recovery complete [pid 6646] <... mount resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6647] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6646] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] lstat("./128/file0", [pid 6647] <... openat resumed>) = 4 [pid 6646] <... openat resumed>) = 3 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6647] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6649 [pid 5064] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6646] chdir("./file0" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6646] <... chdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6646] ioctl(4, LOOP_CLR_FD [pid 5064] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6649 attached [pid 5064] fstat(4, [pid 6649] chdir("./130" [pid 6646] <... ioctl resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6649] <... chdir resumed>) = 0 [pid 6646] close(4 [pid 5064] getdents64(4, [pid 6649] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6649] <... prctl resumed>) = 0 [pid 5064] getdents64(4, [pid 6649] setpgid(0, 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6649] <... setpgid resumed>) = 0 [pid 5064] close(4 [pid 6649] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6646] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6649] <... openat resumed>) = 3 [pid 6647] <... ioctl resumed>) = 0 [pid 6646] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] rmdir("./128/file0" [pid 6649] write(3, "1000", 4 [pid 6647] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 6649] <... write resumed>) = 4 [pid 6647] <... close resumed>) = 0 [pid 5064] getdents64(3, [pid 6649] close(3 [pid 6647] mkdir("./file0", 0777 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6649] <... close resumed>) = 0 [pid 6647] <... mkdir resumed>) = 0 [pid 5064] close(3 [pid 6649] symlink("/dev/binderfs", "./binderfs" [pid 6647] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... close resumed>) = 0 [pid 6649] <... symlink resumed>) = 0 [ 332.292468][ T6648] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 332.300590][ T6647] loop2: detected capacity change from 0 to 4096 [pid 5064] rmdir("./128" [pid 6649] memfd_create("syzkaller", 0 [pid 6646] <... open resumed>) = 4 [pid 5064] <... rmdir resumed>) = 0 [pid 6649] <... memfd_create resumed>) = 3 [pid 6646] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] mkdir("./129", 0777 [pid 6649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6646] <... open resumed>) = 5 [pid 5064] <... mkdir resumed>) = 0 [pid 6649] <... mmap resumed>) = 0x7fc0314e0000 [pid 6646] ftruncate(5, 33587195 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6646] <... ftruncate resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 6646] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6650 ./strace-static-x86_64: Process 6650 attached [pid 6650] chdir("./129") = 0 [pid 6650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6650] setpgid(0, 0) = 0 [pid 6650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6649] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6650] write(3, "1000", 4) = 4 [pid 6650] close(3) = 0 [pid 6650] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6650] memfd_create("syzkaller", 0 [pid 6642] <... sendfile resumed>) = 1048576 [pid 6650] <... memfd_create resumed>) = 3 [ 332.351858][ T6647] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6642] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6642] <... open resumed>) = -1 EFAULT (Bad address) [pid 6650] <... mmap resumed>) = 0x7fc0314e0000 [pid 6642] exit_group(0) = ? [pid 6642] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6642, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5067] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./130/binderfs") = 0 [pid 5067] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 332.440201][ T6647] NILFS (loop2): trying rollback from an earlier position [pid 6650] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6649] <... write resumed>) = 2097152 [pid 6649] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6649] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 332.503303][ T6647] NILFS (loop2): recovery complete [pid 6649] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6649] close(3) = 0 [pid 6649] mkdir("./file0", 0777 [pid 6647] <... mount resumed>) = 0 [pid 6647] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6647] chdir("./file0") = 0 [pid 6647] ioctl(4, LOOP_CLR_FD) = 0 [pid 6647] close(4) = 0 [pid 6647] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6647] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6647] ftruncate(5, 33587195) = 0 [pid 6650] <... write resumed>) = 2097152 [pid 6649] <... mkdir resumed>) = 0 [pid 6647] sendfile(4, 5, NULL, 281474978811909 [pid 6649] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6650] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6650] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 332.540344][ T6649] loop4: detected capacity change from 0 to 4096 [ 332.559398][ T6651] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6650] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6650] close(3) = 0 [pid 6650] mkdir("./file0", 0777) = 0 [pid 6650] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 332.629998][ T6650] loop0: detected capacity change from 0 to 4096 [ 332.647099][ T6649] NILFS (loop4): invalid segment: Checksum error in segment payload [ 332.655167][ T6649] NILFS (loop4): trying rollback from an earlier position [pid 5067] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./130/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./130") = 0 [ 332.710563][ T6650] NILFS (loop0): invalid segment: Checksum error in segment payload [ 332.738126][ T6650] NILFS (loop0): trying rollback from an earlier position [pid 5067] mkdir("./131", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 6649] <... mount resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 6649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6649] <... openat resumed>) = 3 [pid 6649] chdir("./file0") = 0 [ 332.763908][ T6649] NILFS (loop4): recovery complete ./strace-static-x86_64: Process 6653 attached [pid 6649] ioctl(4, LOOP_CLR_FD) = 0 [pid 6649] close(4) = 0 [pid 6649] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6653 [pid 6649] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6653] chdir("./131" [pid 6649] ftruncate(5, 33587195 [pid 6653] <... chdir resumed>) = 0 [pid 6649] <... ftruncate resumed>) = 0 [pid 6643] <... sendfile resumed>) = 1048576 [pid 6649] sendfile(4, 5, NULL, 281474978811909 [pid 6643] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6653] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6643] <... open resumed>) = -1 EFAULT (Bad address) [pid 6643] exit_group(0) = ? [pid 6653] <... prctl resumed>) = 0 [pid 6643] +++ exited with 0 +++ [pid 6653] setpgid(0, 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6643, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 6653] <... setpgid resumed>) = 0 [pid 5065] <... restart_syscall resumed>) = 0 [pid 5065] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6653] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, [pid 6653] <... openat resumed>) = 3 [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6653] write(3, "1000", 4 [pid 5065] getdents64(3, [pid 6653] <... write resumed>) = 4 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6653] close(3 [pid 5065] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./128/binderfs" [pid 6653] <... close resumed>) = 0 [ 332.789560][ T6652] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 332.814647][ T6650] NILFS (loop0): recovery complete [pid 5065] <... unlink resumed>) = 0 [pid 6653] symlink("/dev/binderfs", "./binderfs" [pid 5065] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6653] <... symlink resumed>) = 0 [pid 6653] memfd_create("syzkaller", 0) = 3 [pid 6650] <... mount resumed>) = 0 [pid 6650] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6650] <... openat resumed>) = 3 [pid 6650] chdir("./file0" [pid 6653] <... mmap resumed>) = 0x7fc0314e0000 [pid 6650] <... chdir resumed>) = 0 [pid 6650] ioctl(4, LOOP_CLR_FD) = 0 [pid 6650] close(4) = 0 [pid 6650] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6650] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6650] ftruncate(5, 33587195) = 0 [ 332.868881][ T6654] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6650] sendfile(4, 5, NULL, 281474978811909 [pid 6653] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6653] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6653] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6653] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 6653] close(3 [pid 5065] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6653] <... close resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6653] mkdir("./file0", 0777 [pid 5065] lstat("./128/file0", [pid 6653] <... mkdir resumed>) = 0 [pid 6653] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [ 333.117210][ T6653] loop3: detected capacity change from 0 to 4096 [pid 5065] rmdir("./128/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./128") = 0 [pid 5065] mkdir("./129", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6655 [ 333.180273][ T6653] NILFS (loop3): invalid segment: Checksum error in segment payload [ 333.188721][ T6653] NILFS (loop3): trying rollback from an earlier position [ 333.209998][ T6653] NILFS (loop3): recovery complete ./strace-static-x86_64: Process 6655 attached [pid 6653] <... mount resumed>) = 0 [pid 6655] chdir("./129" [pid 6653] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6655] <... chdir resumed>) = 0 [pid 6653] <... openat resumed>) = 3 [pid 6655] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6653] chdir("./file0" [pid 6655] <... prctl resumed>) = 0 [pid 6653] <... chdir resumed>) = 0 [pid 6655] setpgid(0, 0 [pid 6653] ioctl(4, LOOP_CLR_FD [pid 6655] <... setpgid resumed>) = 0 [pid 6653] <... ioctl resumed>) = 0 [pid 6655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6653] close(4 [pid 6655] <... openat resumed>) = 3 [pid 6653] <... close resumed>) = 0 [pid 6655] write(3, "1000", 4 [pid 6653] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6655] <... write resumed>) = 4 [pid 6655] close(3 [pid 6653] <... open resumed>) = 4 [pid 6655] <... close resumed>) = 0 [pid 6653] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6655] symlink("/dev/binderfs", "./binderfs" [pid 6653] <... open resumed>) = 5 [pid 6655] <... symlink resumed>) = 0 [pid 6653] ftruncate(5, 33587195 [pid 6655] memfd_create("syzkaller", 0 [pid 6653] <... ftruncate resumed>) = 0 [pid 6655] <... memfd_create resumed>) = 3 [ 333.300320][ T6656] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6653] sendfile(4, 5, NULL, 281474978811909 [pid 6655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6646] <... sendfile resumed>) = 1048576 [pid 6655] <... mmap resumed>) = 0x7fc0314e0000 [pid 6646] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6646] exit_group(0) = ? [pid 6646] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6646, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5069] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./131/binderfs") = 0 [pid 5069] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6655] <... write resumed>) = 2097152 [pid 6655] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6655] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6655] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6655] close(3) = 0 [pid 6655] mkdir("./file0", 0777) = 0 [pid 6655] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./131/file0") = 0 [ 333.590329][ T6655] loop1: detected capacity change from 0 to 4096 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./131") = 0 [pid 5069] mkdir("./132", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6657 ./strace-static-x86_64: Process 6657 attached [pid 6657] chdir("./132" [pid 6647] <... sendfile resumed>) = 1048576 [pid 6657] <... chdir resumed>) = 0 [pid 6647] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6657] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6647] <... open resumed>) = -1 EFAULT (Bad address) [pid 6657] <... prctl resumed>) = 0 [pid 6647] exit_group(0 [pid 6657] setpgid(0, 0 [pid 6647] <... exit_group resumed>) = ? [pid 6657] <... setpgid resumed>) = 0 [pid 6657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6647] +++ exited with 0 +++ [pid 6657] <... openat resumed>) = 3 [pid 6657] write(3, "1000", 4 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6647, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6657] <... write resumed>) = 4 [pid 5066] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6657] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6657] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6657] symlink("/dev/binderfs", "./binderfs" [pid 5066] <... openat resumed>) = 3 [pid 6657] <... symlink resumed>) = 0 [pid 5066] fstat(3, [pid 6657] memfd_create("syzkaller", 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6657] <... memfd_create resumed>) = 3 [pid 5066] getdents64(3, [pid 6657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6657] <... mmap resumed>) = 0x7fc0314e0000 [ 333.701104][ T6655] NILFS (loop1): invalid segment: Checksum error in segment payload [ 333.727729][ T6655] NILFS (loop1): trying rollback from an earlier position [pid 5066] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./129/binderfs") = 0 [pid 5066] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 333.811353][ T6655] NILFS (loop1): recovery complete [pid 6657] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6655] <... mount resumed>) = 0 [pid 6655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6655] chdir("./file0") = 0 [pid 6655] ioctl(4, LOOP_CLR_FD) = 0 [pid 6655] close(4) = 0 [pid 6649] <... sendfile resumed>) = 1048576 [pid 6655] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6649] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6655] <... open resumed>) = 4 [pid 6655] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6649] <... open resumed>) = -1 EFAULT (Bad address) [pid 6655] <... open resumed>) = 5 [ 333.863191][ T6658] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6649] exit_group(0 [pid 6655] ftruncate(5, 33587195 [pid 6649] <... exit_group resumed>) = ? [pid 6655] <... ftruncate resumed>) = 0 [pid 6655] sendfile(4, 5, NULL, 281474978811909 [pid 6649] +++ exited with 0 +++ [pid 6657] <... write resumed>) = 2097152 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6649, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5068] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6657] munmap(0x7fc0314e0000, 2097152 [pid 5068] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6657] <... munmap resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 6657] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] fstat(3, [pid 5066] <... umount2 resumed>) = 0 [pid 6657] <... openat resumed>) = 4 [pid 6657] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6657] close(3 [pid 5068] getdents64(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6657] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] lstat("./129/file0", [pid 6657] mkdir("./file0", 0777 [pid 5068] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6657] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6657] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] lstat("./130/binderfs", [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] unlink("./130/binderfs" [pid 5066] <... openat resumed>) = 4 [pid 5068] <... unlink resumed>) = 0 [pid 5066] fstat(4, [pid 5068] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./129/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./129") = 0 [pid 5066] mkdir("./130", 0777) = 0 [ 333.968362][ T6657] loop5: detected capacity change from 0 to 4096 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6659 ./strace-static-x86_64: Process 6659 attached [pid 6659] chdir("./130") = 0 [pid 6659] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6659] setpgid(0, 0) = 0 [pid 6659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6659] write(3, "1000", 4) = 4 [pid 6659] close(3) = 0 [pid 6659] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6659] memfd_create("syzkaller", 0) = 3 [pid 6659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6650] <... sendfile resumed>) = 1048576 [pid 6650] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 334.056242][ T6657] NILFS (loop5): invalid segment: Checksum error in segment payload [ 334.064325][ T6657] NILFS (loop5): trying rollback from an earlier position [pid 6650] exit_group(0) = ? [pid 6650] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6650, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./129/binderfs", [pid 6659] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./129/binderfs") = 0 [ 334.177119][ T6657] NILFS (loop5): recovery complete [pid 5064] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6657] <... mount resumed>) = 0 [pid 6657] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] <... umount2 resumed>) = 0 [pid 6659] <... write resumed>) = 2097152 [pid 6657] chdir("./file0") = 0 [pid 6657] ioctl(4, LOOP_CLR_FD) = 0 [pid 6657] close(4) = 0 [pid 6657] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./130/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./130") = 0 [pid 5068] mkdir("./131", 0777 [pid 6659] munmap(0x7fc0314e0000, 2097152 [pid 6657] <... open resumed>) = 4 [pid 6659] <... munmap resumed>) = 0 [pid 6657] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... mkdir resumed>) = 0 [pid 6657] <... open resumed>) = 5 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6659] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6657] ftruncate(5, 33587195 [pid 5068] <... openat resumed>) = 3 [pid 6659] <... openat resumed>) = 4 [pid 6657] <... ftruncate resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6659] ioctl(4, LOOP_SET_FD, 3 [ 334.224059][ T6660] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6657] sendfile(4, 5, NULL, 281474978811909 [pid 6659] <... ioctl resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6653] <... sendfile resumed>) = 1048576 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6653] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6661 [pid 6653] <... open resumed>) = -1 EFAULT (Bad address) [pid 6653] exit_group(0) = ? ./strace-static-x86_64: Process 6661 attached [pid 6661] chdir("./131") = 0 [pid 6661] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6661] setpgid(0, 0) = 0 [pid 6653] +++ exited with 0 +++ [pid 6661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6653, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6661] write(3, "1000", 4 [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 6661] <... write resumed>) = 4 [pid 6661] close(3 [pid 6659] close(3 [pid 6661] <... close resumed>) = 0 [pid 6659] <... close resumed>) = 0 [pid 6661] symlink("/dev/binderfs", "./binderfs" [pid 6659] mkdir("./file0", 0777 [pid 6661] <... symlink resumed>) = 0 [pid 6659] <... mkdir resumed>) = 0 [pid 5067] <... restart_syscall resumed>) = 0 [pid 6661] memfd_create("syzkaller", 0 [pid 6659] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6661] <... memfd_create resumed>) = 3 [pid 6661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5067] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 334.286136][ T6659] loop2: detected capacity change from 0 to 4096 [pid 5067] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./131/binderfs") = 0 [pid 5067] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6661] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5064] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [ 334.405928][ T6659] NILFS (loop2): invalid segment: Checksum error in segment payload [ 334.414095][ T6659] NILFS (loop2): trying rollback from an earlier position [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./129/file0") = 0 [pid 6659] <... mount resumed>) = 0 [pid 5064] getdents64(3, [pid 6659] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6659] <... openat resumed>) = 3 [pid 6659] chdir("./file0" [pid 5064] close(3 [pid 6659] <... chdir resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6659] ioctl(4, LOOP_CLR_FD [pid 5064] rmdir("./129" [pid 6659] <... ioctl resumed>) = 0 [pid 6659] close(4 [pid 5064] <... rmdir resumed>) = 0 [pid 6659] <... close resumed>) = 0 [pid 5064] mkdir("./130", 0777 [pid 6659] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6659] <... open resumed>) = 4 [pid 6659] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6659] <... open resumed>) = 5 [ 334.458294][ T6659] NILFS (loop2): recovery complete [ 334.472703][ T6662] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6659] ftruncate(5, 33587195 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6661] <... write resumed>) = 2097152 [pid 6659] <... ftruncate resumed>) = 0 [pid 6659] sendfile(4, 5, NULL, 281474978811909 [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6663 [pid 6661] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6661] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6661] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6663 attached ) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 6663] chdir("./130" [pid 5067] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6663] <... chdir resumed>) = 0 [pid 6663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6663] setpgid(0, 0 [pid 5067] lstat("./131/file0", [pid 6663] <... setpgid resumed>) = 0 [pid 6663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6663] <... openat resumed>) = 3 [pid 5067] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6663] write(3, "1000", 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6661] close(3) = 0 [pid 6661] mkdir("./file0", 0777 [pid 6663] <... write resumed>) = 4 [pid 6663] close(3 [pid 6661] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6663] <... close resumed>) = 0 [pid 6663] symlink("/dev/binderfs", "./binderfs" [pid 6661] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... openat resumed>) = 4 [pid 6663] <... symlink resumed>) = 0 [pid 5067] fstat(4, [pid 6663] memfd_create("syzkaller", 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 334.576209][ T6661] loop4: detected capacity change from 0 to 4096 [pid 6663] <... memfd_create resumed>) = 3 [pid 5067] getdents64(4, [pid 6663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6663] <... mmap resumed>) = 0x7fc0314e0000 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./131/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 6663] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./131") = 0 [pid 5067] mkdir("./132", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6664 ./strace-static-x86_64: Process 6664 attached [ 334.691311][ T6661] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6664] chdir("./132") = 0 [pid 6664] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6664] setpgid(0, 0) = 0 [pid 6664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6664] write(3, "1000", 4) = 4 [pid 6664] close(3) = 0 [pid 6664] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6664] memfd_create("syzkaller", 0) = 3 [pid 6664] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6663] <... write resumed>) = 2097152 [pid 6663] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6663] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 334.733731][ T6661] NILFS (loop4): trying rollback from an earlier position [pid 6664] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6663] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6663] close(3) = 0 [pid 6663] mkdir("./file0", 0777) = 0 [ 334.810661][ T6663] loop0: detected capacity change from 0 to 4096 [ 334.812394][ T6661] NILFS (loop4): recovery complete [pid 6663] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6661] <... mount resumed>) = 0 [pid 6661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6661] chdir("./file0") = 0 [pid 6661] ioctl(4, LOOP_CLR_FD) = 0 [pid 6661] close(4) = 0 [pid 6661] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6661] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6661] ftruncate(5, 33587195) = 0 [ 334.876485][ T6665] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 334.877087][ T6663] NILFS (loop0): invalid segment: Checksum error in segment payload [pid 6661] sendfile(4, 5, NULL, 281474978811909 [pid 6664] <... write resumed>) = 2097152 [pid 6664] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6664] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6664] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6664] close(3) = 0 [pid 6664] mkdir("./file0", 0777) = 0 [pid 6664] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6655] <... sendfile resumed>) = 1048576 [ 334.960695][ T6663] NILFS (loop0): trying rollback from an earlier position [ 334.968049][ T6664] loop3: detected capacity change from 0 to 4096 [ 334.992890][ T6664] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6655] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6655] exit_group(0) = ? [pid 6655] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6655, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./129/binderfs") = 0 [ 335.042444][ T6664] NILFS (loop3): trying rollback from an earlier position [pid 5065] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6664] <... mount resumed>) = 0 [pid 6663] <... mount resumed>) = 0 [pid 6664] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 335.105542][ T6663] NILFS (loop0): recovery complete [ 335.112029][ T6664] NILFS (loop3): recovery complete [ 335.135724][ T6666] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6663] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6664] <... openat resumed>) = 3 [pid 6663] <... openat resumed>) = 3 [pid 6663] chdir("./file0") = 0 [pid 6663] ioctl(4, LOOP_CLR_FD [pid 6664] chdir("./file0" [pid 6663] <... ioctl resumed>) = 0 [pid 6664] <... chdir resumed>) = 0 [pid 6663] close(4 [pid 6664] ioctl(4, LOOP_CLR_FD [pid 6663] <... close resumed>) = 0 [pid 6664] <... ioctl resumed>) = 0 [pid 6663] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6664] close(4 [pid 6663] <... open resumed>) = 4 [pid 6664] <... close resumed>) = 0 [pid 6663] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6664] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6663] <... open resumed>) = 5 [ 335.141108][ T6667] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6663] ftruncate(5, 33587195 [pid 6664] <... open resumed>) = 4 [pid 6664] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6663] <... ftruncate resumed>) = 0 [pid 6664] <... open resumed>) = 5 [pid 6663] sendfile(4, 5, NULL, 281474978811909 [pid 6664] ftruncate(5, 33587195) = 0 [pid 6664] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6657] <... sendfile resumed>) = 1048576 [pid 6657] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6657] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] lstat("./129/file0", [pid 6657] exit_group(0 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6657] <... exit_group resumed>) = ? [pid 5065] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6657] +++ exited with 0 +++ [pid 5065] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6657, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... openat resumed>) = 4 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5069] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, [pid 5065] fstat(4, [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(4, [pid 5069] lstat("./132/binderfs", [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] getdents64(4, [pid 5069] unlink("./132/binderfs" [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5065] close(4 [pid 5069] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./129/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./129") = 0 [pid 5065] mkdir("./130", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6668 ./strace-static-x86_64: Process 6668 attached [pid 6668] chdir("./130") = 0 [pid 6668] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6668] setpgid(0, 0) = 0 [pid 6668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6668] write(3, "1000", 4) = 4 [pid 6668] close(3) = 0 [pid 6668] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6668] memfd_create("syzkaller", 0) = 3 [pid 6668] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5069] <... umount2 resumed>) = 0 [pid 6668] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6659] <... sendfile resumed>) = 1048576 [pid 6659] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6659] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6659] exit_group(0 [pid 5069] lstat("./132/file0", [pid 6659] <... exit_group resumed>) = ? [pid 6659] +++ exited with 0 +++ [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6659, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5069] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] fstat(4, [pid 5066] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5069] getdents64(4, [pid 5066] fstat(3, [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] getdents64(3, [pid 5069] close(4 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6668] <... write resumed>) = 2097152 [pid 5069] <... close resumed>) = 0 [pid 5066] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./132/file0" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5066] lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] getdents64(3, [pid 5066] unlink("./130/binderfs" [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 5066] <... unlink resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./132" [pid 6668] munmap(0x7fc0314e0000, 2097152 [pid 5069] <... rmdir resumed>) = 0 [pid 6661] <... sendfile resumed>) = 1048576 [pid 5069] mkdir("./133", 0777 [pid 6668] <... munmap resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6668] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6661] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... openat resumed>) = 3 [pid 6661] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6661] exit_group(0 [pid 6668] <... openat resumed>) = 4 [pid 6661] <... exit_group resumed>) = ? [pid 5069] close(3 [pid 6668] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... close resumed>) = 0 [pid 6661] +++ exited with 0 +++ [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6669 attached [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6661, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 6669] chdir("./133" [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6669 [pid 6669] <... chdir resumed>) = 0 [pid 6669] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6669] <... prctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6669] setpgid(0, 0 [pid 5068] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6669] <... setpgid resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 6669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6669] <... openat resumed>) = 3 [pid 5068] getdents64(3, [pid 6669] write(3, "1000", 4 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6669] <... write resumed>) = 4 [pid 5068] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6669] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6669] <... close resumed>) = 0 [pid 5068] lstat("./131/binderfs", [pid 6669] symlink("/dev/binderfs", "./binderfs" [pid 6668] <... ioctl resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6669] <... symlink resumed>) = 0 [pid 6668] close(3 [pid 5068] unlink("./131/binderfs" [pid 6669] memfd_create("syzkaller", 0 [pid 6668] <... close resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 6669] <... memfd_create resumed>) = 3 [pid 6668] mkdir("./file0", 0777 [pid 5068] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6668] <... mkdir resumed>) = 0 [pid 6668] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6669] <... mmap resumed>) = 0x7fc0314e0000 [ 335.839528][ T6668] loop1: detected capacity change from 0 to 4096 [ 335.909998][ T6668] NILFS (loop1): invalid segment: Checksum error in segment payload [ 335.948716][ T6668] NILFS (loop1): trying rollback from an earlier position [pid 6669] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, [pid 6669] <... write resumed>) = 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6669] munmap(0x7fc0314e0000, 2097152 [pid 5066] close(4 [pid 6669] <... munmap resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 6669] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5066] rmdir("./130/file0" [pid 6669] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./130" [pid 5068] <... umount2 resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5068] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6669] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] mkdir("./131", 0777 [pid 6669] close(3 [pid 5068] lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 6669] <... close resumed>) = 0 [pid 6669] mkdir("./file0", 0777 [pid 5068] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6669] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 3 [pid 6669] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 336.065177][ T6668] NILFS (loop1): recovery complete [ 336.079027][ T6669] loop5: detected capacity change from 0 to 4096 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6668] <... mount resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5066] close(3 [pid 5068] fstat(4, [pid 5066] <... close resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6671 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./131/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./131") = 0 [pid 5068] mkdir("./132", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6671 attached [pid 6668] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6672 [pid 6671] chdir("./131") = 0 [pid 6668] <... openat resumed>) = 3 [pid 6671] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6668] chdir("./file0" [pid 6671] <... prctl resumed>) = 0 [pid 6668] <... chdir resumed>) = 0 [pid 6668] ioctl(4, LOOP_CLR_FD [pid 6671] setpgid(0, 0 [pid 6668] <... ioctl resumed>) = 0 [pid 6671] <... setpgid resumed>) = 0 [pid 6668] close(4./strace-static-x86_64: Process 6672 attached [pid 6671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6668] <... close resumed>) = 0 [pid 6672] chdir("./132" [pid 6671] <... openat resumed>) = 3 [pid 6668] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6672] <... chdir resumed>) = 0 [pid 6671] write(3, "1000", 4 [pid 6672] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6671] <... write resumed>) = 4 [pid 6672] <... prctl resumed>) = 0 [pid 6671] close(3 [pid 6672] setpgid(0, 0 [pid 6671] <... close resumed>) = 0 [pid 6668] <... open resumed>) = 4 [pid 6672] <... setpgid resumed>) = 0 [pid 6671] symlink("/dev/binderfs", "./binderfs" [pid 6672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6671] <... symlink resumed>) = 0 [pid 6672] <... openat resumed>) = 3 [pid 6671] memfd_create("syzkaller", 0 [pid 6672] write(3, "1000", 4 [pid 6671] <... memfd_create resumed>) = 3 [pid 6672] <... write resumed>) = 4 [pid 6671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6672] close(3 [pid 6671] <... mmap resumed>) = 0x7fc0314e0000 [ 336.113451][ T6670] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6672] <... close resumed>) = 0 [pid 6668] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6672] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6668] <... open resumed>) = 5 [pid 6672] memfd_create("syzkaller", 0 [pid 6668] ftruncate(5, 33587195 [pid 6672] <... memfd_create resumed>) = 3 [pid 6672] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6668] <... ftruncate resumed>) = 0 [pid 6672] <... mmap resumed>) = 0x7fc0314e0000 [pid 6668] sendfile(4, 5, NULL, 281474978811909 [pid 6664] <... sendfile resumed>) = 1048576 [pid 6664] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6664] exit_group(0) = ? [pid 6671] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6664] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6664, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5067] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6672] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... openat resumed>) = 3 [ 336.161151][ T6669] NILFS (loop5): invalid segment: Checksum error in segment payload [ 336.195575][ T6669] NILFS (loop5): trying rollback from an earlier position [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6663] <... sendfile resumed>) = 1048576 [pid 5067] lstat("./132/binderfs", [pid 6663] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6663] <... open resumed>) = -1 EFAULT (Bad address) [ 336.269108][ T6669] NILFS (loop5): recovery complete [pid 5067] unlink("./132/binderfs" [pid 6671] <... write resumed>) = 2097152 [pid 6669] <... mount resumed>) = 0 [pid 6663] exit_group(0 [pid 5067] <... unlink resumed>) = 0 [pid 6671] munmap(0x7fc0314e0000, 2097152 [pid 6669] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6663] <... exit_group resumed>) = ? [pid 5067] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6669] <... openat resumed>) = 3 [pid 6671] <... munmap resumed>) = 0 [pid 6669] chdir("./file0") = 0 [pid 6669] ioctl(4, LOOP_CLR_FD) = 0 [pid 6669] close(4) = 0 [pid 6663] +++ exited with 0 +++ [pid 6669] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6663, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 6671] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6669] <... open resumed>) = 4 [pid 6669] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6671] <... openat resumed>) = 4 [pid 6669] ftruncate(5, 33587195 [pid 6671] ioctl(4, LOOP_SET_FD, 3 [pid 6669] <... ftruncate resumed>) = 0 [ 336.293185][ T6673] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6669] sendfile(4, 5, NULL, 281474978811909 [pid 6672] <... write resumed>) = 2097152 [pid 6671] <... ioctl resumed>) = 0 [pid 6671] close(3) = 0 [pid 5064] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6671] mkdir("./file0", 0777 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6671] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6671] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... openat resumed>) = 3 [pid 6672] munmap(0x7fc0314e0000, 2097152 [pid 5064] fstat(3, [pid 6672] <... munmap resumed>) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6672] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5064] getdents64(3, [pid 6672] <... openat resumed>) = 4 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6672] ioctl(4, LOOP_SET_FD, 3 [pid 5064] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./130/binderfs") = 0 [ 336.336614][ T6671] loop2: detected capacity change from 0 to 4096 [ 336.375125][ T6671] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 5064] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6672] <... ioctl resumed>) = 0 [pid 6672] close(3) = 0 [pid 6672] mkdir("./file0", 0777) = 0 [ 336.392168][ T6672] loop4: detected capacity change from 0 to 4096 [ 336.397326][ T6671] NILFS (loop2): trying rollback from an earlier position [pid 6672] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6671] <... mount resumed>) = 0 [pid 6671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 336.478239][ T6672] NILFS (loop4): invalid segment: Checksum error in segment payload [ 336.489513][ T6671] NILFS (loop2): recovery complete [ 336.503634][ T6674] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6671] chdir("./file0") = 0 [pid 6671] ioctl(4, LOOP_CLR_FD) = 0 [pid 6671] close(4) = 0 [pid 6671] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6671] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6671] ftruncate(5, 33587195) = 0 [ 336.529422][ T6672] NILFS (loop4): trying rollback from an earlier position [pid 6671] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... umount2 resumed>) = 0 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./132/file0", [pid 5064] lstat("./130/file0", [ 336.611516][ T6672] NILFS (loop4): recovery complete [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6672] <... mount resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6672] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... openat resumed>) = 4 [pid 5064] <... openat resumed>) = 4 [pid 6672] <... openat resumed>) = 3 [pid 5067] fstat(4, [pid 5064] fstat(4, [pid 6672] chdir("./file0" [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6672] <... chdir resumed>) = 0 [pid 5067] getdents64(4, [pid 5064] getdents64(4, [pid 6672] ioctl(4, LOOP_CLR_FD [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6672] <... ioctl resumed>) = 0 [pid 5067] getdents64(4, [pid 5064] getdents64(4, [pid 6672] close(4 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6672] <... close resumed>) = 0 [pid 5067] close(4 [pid 5064] close(4 [pid 6672] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... close resumed>) = 0 [pid 5064] <... close resumed>) = 0 [ 336.678571][ T6675] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6672] <... open resumed>) = 4 [pid 5067] rmdir("./132/file0" [pid 5064] rmdir("./130/file0" [pid 6672] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... rmdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, [pid 6672] <... open resumed>) = 5 [pid 6672] ftruncate(5, 33587195 [pid 5067] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6672] <... ftruncate resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3 [pid 6672] sendfile(4, 5, NULL, 281474978811909 [pid 5067] close(3 [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./130") = 0 [pid 5067] <... close resumed>) = 0 [pid 5064] mkdir("./131", 0777 [pid 5067] rmdir("./132" [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] <... rmdir resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5067] mkdir("./133", 0777 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] <... mkdir resumed>) = 0 [pid 5064] close(3 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... openat resumed>) = 3 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6676 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6677 ./strace-static-x86_64: Process 6677 attached ./strace-static-x86_64: Process 6676 attached [pid 6677] chdir("./133" [pid 6676] chdir("./131" [pid 6677] <... chdir resumed>) = 0 [pid 6676] <... chdir resumed>) = 0 [pid 6677] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6676] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6677] <... prctl resumed>) = 0 [pid 6676] <... prctl resumed>) = 0 [pid 6677] setpgid(0, 0 [pid 6676] setpgid(0, 0 [pid 6677] <... setpgid resumed>) = 0 [pid 6676] <... setpgid resumed>) = 0 [pid 6677] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6677] <... openat resumed>) = 3 [pid 6677] write(3, "1000", 4 [pid 6676] <... openat resumed>) = 3 [pid 6677] <... write resumed>) = 4 [pid 6676] write(3, "1000", 4 [pid 6677] close(3 [pid 6676] <... write resumed>) = 4 [pid 6677] <... close resumed>) = 0 [pid 6676] close(3 [pid 6677] symlink("/dev/binderfs", "./binderfs" [pid 6676] <... close resumed>) = 0 [pid 6677] <... symlink resumed>) = 0 [pid 6676] symlink("/dev/binderfs", "./binderfs" [pid 6677] memfd_create("syzkaller", 0 [pid 6676] <... symlink resumed>) = 0 [pid 6677] <... memfd_create resumed>) = 3 [pid 6676] memfd_create("syzkaller", 0 [pid 6677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6676] <... memfd_create resumed>) = 3 [pid 6677] <... mmap resumed>) = 0x7fc0314e0000 [pid 6676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6676] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6677] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6677] munmap(0x7fc0314e0000, 2097152 [pid 6676] <... write resumed>) = 2097152 [pid 6677] <... munmap resumed>) = 0 [pid 6676] munmap(0x7fc0314e0000, 2097152 [pid 6677] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6676] <... munmap resumed>) = 0 [pid 6677] ioctl(4, LOOP_SET_FD, 3 [pid 6676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6676] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6677] <... ioctl resumed>) = 0 [pid 6676] close(3 [pid 6677] close(3 [pid 6676] <... close resumed>) = 0 [pid 6677] <... close resumed>) = 0 [pid 6676] mkdir("./file0", 0777 [pid 6677] mkdir("./file0", 0777 [pid 6676] <... mkdir resumed>) = 0 [pid 6677] <... mkdir resumed>) = 0 [pid 6676] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [ 337.064580][ T6677] loop3: detected capacity change from 0 to 4096 [ 337.076478][ T6676] loop0: detected capacity change from 0 to 4096 [ 337.123980][ T6676] NILFS (loop0): invalid segment: Checksum error in segment payload [ 337.135375][ T6677] NILFS (loop3): invalid segment: Checksum error in segment payload [ 337.152778][ T6676] NILFS (loop0): trying rollback from an earlier position [ 337.162831][ T6677] NILFS (loop3): trying rollback from an earlier position [pid 6677] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6676] <... mount resumed>) = 0 [pid 6668] <... sendfile resumed>) = 1048576 [pid 6676] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6668] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6676] <... openat resumed>) = 3 [pid 6668] <... open resumed>) = -1 EFAULT (Bad address) [pid 6676] chdir("./file0" [pid 6668] exit_group(0 [pid 6676] <... chdir resumed>) = 0 [pid 6668] <... exit_group resumed>) = ? [pid 6677] <... mount resumed>) = 0 [pid 6676] ioctl(4, LOOP_CLR_FD [pid 6668] +++ exited with 0 +++ [pid 6677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6676] <... ioctl resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6668, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6676] close(4) = 0 [pid 6676] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6677] <... openat resumed>) = 3 [pid 5065] lstat("./130/binderfs", [pid 6677] chdir("./file0" [pid 6676] <... open resumed>) = 4 [pid 5065] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6677] <... chdir resumed>) = 0 [pid 6676] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] unlink("./130/binderfs" [pid 6677] ioctl(4, LOOP_CLR_FD [pid 6676] <... open resumed>) = 5 [pid 5065] <... unlink resumed>) = 0 [pid 6677] <... ioctl resumed>) = 0 [pid 6676] ftruncate(5, 33587195 [pid 5065] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6677] close(4 [pid 6676] <... ftruncate resumed>) = 0 [pid 6677] <... close resumed>) = 0 [pid 6676] sendfile(4, 5, NULL, 281474978811909 [ 337.220299][ T6676] NILFS (loop0): recovery complete [ 337.229044][ T6677] NILFS (loop3): recovery complete [ 337.244638][ T6678] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 337.256149][ T6679] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6677] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6677] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6677] ftruncate(5, 33587195) = 0 [pid 6677] sendfile(4, 5, NULL, 281474978811909 [pid 6669] <... sendfile resumed>) = 1048576 [pid 6669] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6669] exit_group(0) = ? [pid 6669] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6669, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5069] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./133/binderfs") = 0 [pid 5069] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./130/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./130") = 0 [pid 5065] mkdir("./131", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6680 ./strace-static-x86_64: Process 6680 attached [pid 6671] <... sendfile resumed>) = 1048576 [pid 6680] chdir("./131" [pid 6671] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6680] <... chdir resumed>) = 0 [pid 6671] <... open resumed>) = -1 EFAULT (Bad address) [pid 6680] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6671] exit_group(0 [pid 6680] <... prctl resumed>) = 0 [pid 6671] <... exit_group resumed>) = ? [pid 6680] setpgid(0, 0 [pid 6671] +++ exited with 0 +++ [pid 6680] <... setpgid resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6671, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 6680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6680] write(3, "1000", 4 [pid 5066] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6680] <... write resumed>) = 4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6680] close(3 [pid 5066] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6680] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 6680] symlink("/dev/binderfs", "./binderfs" [pid 5066] fstat(3, [pid 6680] <... symlink resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6680] memfd_create("syzkaller", 0 [pid 5066] getdents64(3, [pid 6680] <... memfd_create resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6680] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6680] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./131/binderfs") = 0 [pid 5066] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./133/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./133") = 0 [pid 6680] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] mkdir("./134", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6681 ./strace-static-x86_64: Process 6681 attached [pid 6681] chdir("./134") = 0 [pid 6681] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6681] setpgid(0, 0) = 0 [pid 6681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6681] write(3, "1000", 4) = 4 [pid 6681] close(3) = 0 [pid 6681] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6681] memfd_create("syzkaller", 0) = 3 [pid 6681] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6672] <... sendfile resumed>) = 1048576 [pid 6672] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6672] exit_group(0) = ? [pid 6672] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6672, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5068] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./132/binderfs") = 0 [pid 5068] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6680] <... write resumed>) = 2097152 [pid 6680] munmap(0x7fc0314e0000, 2097152 [pid 6681] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6680] <... munmap resumed>) = 0 [pid 6680] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6680] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6680] close(3) = 0 [pid 6680] mkdir("./file0", 0777) = 0 [ 337.844843][ T6680] loop1: detected capacity change from 0 to 4096 [pid 6680] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6681] <... write resumed>) = 2097152 [pid 5066] <... openat resumed>) = 4 [pid 5066] fstat(4, [pid 6681] munmap(0x7fc0314e0000, 2097152 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6681] <... munmap resumed>) = 0 [pid 5066] getdents64(4, [pid 6681] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6681] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./131/file0") = 0 [ 337.918761][ T6680] NILFS (loop1): invalid segment: Checksum error in segment payload [ 337.955277][ T6681] loop5: detected capacity change from 0 to 4096 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./131" [pid 6681] <... ioctl resumed>) = 0 [pid 6681] close(3) = 0 [pid 6681] mkdir("./file0", 0777 [pid 5066] <... rmdir resumed>) = 0 [pid 5066] mkdir("./132", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6681] <... mkdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6681] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6682 [ 337.966683][ T6680] NILFS (loop1): trying rollback from an earlier position ./strace-static-x86_64: Process 6682 attached [pid 6682] chdir("./132") = 0 [pid 6682] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6682] setpgid(0, 0) = 0 [pid 6682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6682] write(3, "1000", 4) = 4 [pid 6682] close(3) = 0 [pid 6682] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6682] memfd_create("syzkaller", 0) = 3 [pid 6682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] <... umount2 resumed>) = 0 [pid 6680] <... mount resumed>) = 0 [pid 6680] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6680] chdir("./file0") = 0 [pid 6680] ioctl(4, LOOP_CLR_FD) = 0 [pid 6680] close(4) = 0 [ 338.040160][ T6681] NILFS (loop5): invalid segment: Checksum error in segment payload [ 338.058284][ T6680] NILFS (loop1): recovery complete [ 338.075907][ T6683] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6680] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5068] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6680] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6680] ftruncate(5, 33587195 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6680] <... ftruncate resumed>) = 0 [pid 5068] lstat("./132/file0", [pid 6680] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./132/file0") = 0 [ 338.081490][ T6681] NILFS (loop5): trying rollback from an earlier position [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./132") = 0 [pid 5068] mkdir("./133", 0777 [pid 6682] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6684 ./strace-static-x86_64: Process 6684 attached [pid 6684] chdir("./133") = 0 [ 338.183035][ T6681] NILFS (loop5): recovery complete [pid 6684] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6681] <... mount resumed>) = 0 [pid 6684] <... prctl resumed>) = 0 [pid 6681] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6684] setpgid(0, 0 [pid 6681] <... openat resumed>) = 3 [pid 6684] <... setpgid resumed>) = 0 [pid 6681] chdir("./file0" [pid 6684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6681] <... chdir resumed>) = 0 [pid 6684] <... openat resumed>) = 3 [pid 6681] ioctl(4, LOOP_CLR_FD [pid 6684] write(3, "1000", 4 [pid 6681] <... ioctl resumed>) = 0 [pid 6684] <... write resumed>) = 4 [pid 6684] close(3 [pid 6681] close(4 [pid 6684] <... close resumed>) = 0 [pid 6681] <... close resumed>) = 0 [pid 6684] symlink("/dev/binderfs", "./binderfs" [pid 6681] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6684] <... symlink resumed>) = 0 [pid 6684] memfd_create("syzkaller", 0) = 3 [pid 6681] <... open resumed>) = 4 [pid 6684] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6682] <... write resumed>) = 2097152 [ 338.233244][ T6685] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6681] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6682] munmap(0x7fc0314e0000, 2097152 [pid 6684] <... mmap resumed>) = 0x7fc0314e0000 [pid 6681] <... open resumed>) = 5 [pid 6682] <... munmap resumed>) = 0 [pid 6682] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6682] ioctl(4, LOOP_SET_FD, 3 [pid 6681] ftruncate(5, 33587195 [pid 6684] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6682] <... ioctl resumed>) = 0 [pid 6681] <... ftruncate resumed>) = 0 [pid 6682] close(3 [pid 6681] sendfile(4, 5, NULL, 281474978811909 [pid 6682] <... close resumed>) = 0 [pid 6682] mkdir("./file0", 0777) = 0 [ 338.301001][ T6682] loop2: detected capacity change from 0 to 4096 [pid 6682] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6676] <... sendfile resumed>) = 1048576 [pid 6676] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6676] exit_group(0) = ? [pid 6676] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6676, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5064] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./131/binderfs") = 0 [pid 6684] <... write resumed>) = 2097152 [pid 5064] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6684] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6684] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6684] ioctl(4, LOOP_SET_FD, 3) = 0 [ 338.378193][ T6682] NILFS (loop2): invalid segment: Checksum error in segment payload [pid 6677] <... sendfile resumed>) = 1048576 [pid 6677] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6677] exit_group(0) = ? [pid 6684] close(3 [pid 6677] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6677, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6684] <... close resumed>) = 0 [pid 6684] mkdir("./file0", 0777 [pid 5067] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6684] <... mkdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6684] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... openat resumed>) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 338.436458][ T6684] loop4: detected capacity change from 0 to 4096 [ 338.447747][ T6682] NILFS (loop2): trying rollback from an earlier position [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./133/binderfs") = 0 [pid 5067] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6682] <... mount resumed>) = 0 [pid 6682] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6682] chdir("./file0") = 0 [pid 6682] ioctl(4, LOOP_CLR_FD) = 0 [pid 6682] close(4) = 0 [pid 6682] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6682] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6682] ftruncate(5, 33587195) = 0 [ 338.491205][ T6684] NILFS (loop4): invalid segment: Checksum error in segment payload [ 338.518161][ T6684] NILFS (loop4): trying rollback from an earlier position [ 338.526908][ T6682] NILFS (loop2): recovery complete [ 338.575220][ T6684] NILFS (loop4): recovery complete [ 338.579327][ T6686] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6682] sendfile(4, 5, NULL, 281474978811909 [pid 6684] <... mount resumed>) = 0 [pid 6684] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6684] chdir("./file0") = 0 [pid 6684] ioctl(4, LOOP_CLR_FD) = 0 [pid 5064] <... umount2 resumed>) = 0 [ 338.615220][ T6687] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6684] close(4) = 0 [pid 5064] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6684] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6684] <... open resumed>) = 4 [pid 5064] lstat("./131/file0", [pid 6684] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6684] ftruncate(5, 33587195 [pid 5064] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6684] <... ftruncate resumed>) = 0 [pid 6684] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] <... umount2 resumed>) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./131/file0") = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./131" [pid 5067] lstat("./133/file0", [pid 5064] <... rmdir resumed>) = 0 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] mkdir("./132", 0777 [pid 5067] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5067] getdents64(4, [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] getdents64(4, [pid 5064] close(3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... close resumed>) = 0 [pid 5067] close(4 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./133/file0" [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6688 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./133") = 0 [pid 5067] mkdir("./134", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6689 ./strace-static-x86_64: Process 6689 attached [pid 6689] chdir("./134") = 0 [pid 6689] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6689] setpgid(0, 0) = 0 [pid 6689] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6689] write(3, "1000", 4) = 4 [pid 6689] close(3) = 0 [pid 6689] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6689] memfd_create("syzkaller", 0) = 3 [pid 6689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 ./strace-static-x86_64: Process 6688 attached [pid 6688] chdir("./132") = 0 [pid 6689] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6688] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6688] setpgid(0, 0) = 0 [pid 6688] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6688] write(3, "1000", 4) = 4 [pid 6688] close(3) = 0 [pid 6688] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6688] memfd_create("syzkaller", 0) = 3 [pid 6688] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6688] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6689] <... write resumed>) = 2097152 [pid 6689] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6689] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6689] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6689] close(3) = 0 [pid 6689] mkdir("./file0", 0777 [pid 6680] <... sendfile resumed>) = 1048576 [pid 6689] <... mkdir resumed>) = 0 [pid 6688] <... write resumed>) = 2097152 [pid 6689] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6680] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 339.037354][ T6689] loop3: detected capacity change from 0 to 4096 [pid 6680] exit_group(0) = ? [pid 6688] munmap(0x7fc0314e0000, 2097152 [pid 6680] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6680, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6688] <... munmap resumed>) = 0 [pid 6688] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5065] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6688] <... openat resumed>) = 4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6688] ioctl(4, LOOP_SET_FD, 3 [pid 5065] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./131/binderfs") = 0 [pid 5065] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6688] <... ioctl resumed>) = 0 [pid 6688] close(3) = 0 [ 339.082120][ T6689] NILFS (loop3): invalid segment: Checksum error in segment payload [ 339.115308][ T6688] loop0: detected capacity change from 0 to 4096 [pid 6688] mkdir("./file0", 0777) = 0 [ 339.172340][ T6689] NILFS (loop3): trying rollback from an earlier position [ 339.196844][ T6688] NILFS (loop0): invalid segment: Checksum error in segment payload [ 339.235982][ T6689] NILFS (loop3): recovery complete [ 339.243391][ T6688] NILFS (loop0): trying rollback from an earlier position [pid 6688] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6689] <... mount resumed>) = 0 [pid 6689] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6689] chdir("./file0") = 0 [pid 6689] ioctl(4, LOOP_CLR_FD) = 0 [ 339.282617][ T6690] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 339.302196][ T6688] NILFS (loop0): recovery complete [pid 6688] <... mount resumed>) = 0 [pid 6689] close(4 [pid 6688] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6689] <... close resumed>) = 0 [pid 6688] <... openat resumed>) = 3 [pid 6689] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6688] chdir("./file0" [pid 5065] <... umount2 resumed>) = 0 [pid 6689] <... open resumed>) = 4 [pid 6688] <... chdir resumed>) = 0 [pid 5065] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 339.333325][ T6691] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6689] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6688] ioctl(4, LOOP_CLR_FD [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6689] <... open resumed>) = 5 [pid 6688] <... ioctl resumed>) = 0 [pid 6689] ftruncate(5, 33587195 [pid 6688] close(4 [pid 5065] lstat("./131/file0", [pid 6689] <... ftruncate resumed>) = 0 [pid 6688] <... close resumed>) = 0 [pid 6681] <... sendfile resumed>) = 1048576 [pid 6689] sendfile(4, 5, NULL, 281474978811909 [pid 6688] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6681] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6688] <... open resumed>) = 4 [pid 6681] <... open resumed>) = -1 EFAULT (Bad address) [pid 5065] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6688] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6681] exit_group(0) = ? [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6681] +++ exited with 0 +++ [pid 5065] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6681, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5065] <... openat resumed>) = 4 [pid 6688] <... open resumed>) = 5 [pid 5065] fstat(4, [pid 6688] ftruncate(5, 33587195 [pid 5069] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6688] <... ftruncate resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] getdents64(4, [pid 6688] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] fstat(3, [pid 5065] getdents64(4, [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(3, [pid 5065] close(4 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./131/file0" [pid 5069] lstat("./134/binderfs", [pid 5065] <... rmdir resumed>) = 0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] getdents64(3, [pid 5069] unlink("./134/binderfs" [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5065] close(3 [pid 5069] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./131") = 0 [pid 5065] mkdir("./132", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6692 ./strace-static-x86_64: Process 6692 attached [pid 6692] chdir("./132") = 0 [pid 6692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6692] setpgid(0, 0) = 0 [pid 6692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6692] write(3, "1000", 4) = 4 [pid 6692] close(3) = 0 [pid 6692] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6692] memfd_create("syzkaller", 0) = 3 [pid 6692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6682] <... sendfile resumed>) = 1048576 [pid 6682] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6692] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6682] exit_group(0) = ? [pid 6682] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6682, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5066] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./132/binderfs") = 0 [pid 5066] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6684] <... sendfile resumed>) = 1048576 [pid 6684] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6684] exit_group(0 [pid 6692] <... write resumed>) = 2097152 [pid 6684] <... exit_group resumed>) = ? [pid 6684] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6684, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5068] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, [pid 5069] <... umount2 resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, [pid 5069] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] lstat("./134/file0", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] lstat("./133/binderfs", [pid 6692] munmap(0x7fc0314e0000, 2097152 [pid 5069] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6692] <... munmap resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] unlink("./133/binderfs" [pid 6692] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... unlink resumed>) = 0 [pid 6692] <... openat resumed>) = 4 [pid 5069] <... openat resumed>) = 4 [pid 5068] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6692] ioctl(4, LOOP_SET_FD, 3 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 6692] <... ioctl resumed>) = 0 [pid 6692] close(3) = 0 [pid 6692] mkdir("./file0", 0777) = 0 [pid 6692] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./134/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./134") = 0 [pid 5069] mkdir("./135", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6693 ./strace-static-x86_64: Process 6693 attached [pid 6693] chdir("./135") = 0 [pid 6693] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 339.761000][ T6692] loop1: detected capacity change from 0 to 4096 [pid 6693] setpgid(0, 0) = 0 [pid 6693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6693] write(3, "1000", 4) = 4 [pid 6693] close(3) = 0 [pid 6693] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6693] memfd_create("syzkaller", 0) = 3 [pid 6693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./132/file0", [pid 6693] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./132/file0") = 0 [ 339.886959][ T6692] NILFS (loop1): invalid segment: Checksum error in segment payload [ 339.912336][ T6692] NILFS (loop1): trying rollback from an earlier position [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./132") = 0 [pid 5066] mkdir("./133", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3 [pid 6692] <... mount resumed>) = 0 [ 339.976598][ T6692] NILFS (loop1): recovery complete [pid 5066] <... close resumed>) = 0 [pid 6692] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6692] <... openat resumed>) = 3 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6695 [pid 6692] chdir("./file0" [pid 5068] <... umount2 resumed>) = 0 [pid 6692] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6695 attached [pid 6692] ioctl(4, LOOP_CLR_FD [pid 6695] chdir("./133" [pid 6692] <... ioctl resumed>) = 0 [pid 6695] <... chdir resumed>) = 0 [pid 6692] close(4 [pid 5068] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6693] <... write resumed>) = 2097152 [pid 6695] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6692] <... close resumed>) = 0 [pid 5068] lstat("./133/file0", [pid 6695] <... prctl resumed>) = 0 [pid 6692] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6695] setpgid(0, 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6695] <... setpgid resumed>) = 0 [pid 6692] <... open resumed>) = 4 [pid 5068] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6695] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6692] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 339.997727][ T6694] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6695] <... openat resumed>) = 3 [pid 6692] <... open resumed>) = 5 [pid 5068] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6695] write(3, "1000", 4 [pid 6692] ftruncate(5, 33587195 [pid 5068] <... openat resumed>) = 4 [pid 6695] <... write resumed>) = 4 [pid 6692] <... ftruncate resumed>) = 0 [pid 5068] fstat(4, [pid 6695] close(3 [pid 6692] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6695] <... close resumed>) = 0 [pid 6693] munmap(0x7fc0314e0000, 2097152 [pid 5068] getdents64(4, [pid 6695] symlink("/dev/binderfs", "./binderfs" [pid 6693] <... munmap resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6695] <... symlink resumed>) = 0 [pid 6693] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] getdents64(4, [pid 6695] memfd_create("syzkaller", 0 [pid 6693] <... openat resumed>) = 4 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6695] <... memfd_create resumed>) = 3 [pid 6693] ioctl(4, LOOP_SET_FD, 3 [pid 5068] close(4 [pid 6695] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... close resumed>) = 0 [pid 6695] <... mmap resumed>) = 0x7fc0314e0000 [pid 5068] rmdir("./133/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./133") = 0 [pid 5068] mkdir("./134", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6693] <... ioctl resumed>) = 0 [pid 6693] close(3 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6696 [pid 6695] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6693] <... close resumed>) = 0 [pid 6693] mkdir("./file0", 0777) = 0 [ 340.081005][ T6693] loop5: detected capacity change from 0 to 4096 [pid 6693] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, ""./strace-static-x86_64: Process 6696 attached [pid 6696] chdir("./134") = 0 [pid 6696] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6696] setpgid(0, 0) = 0 [pid 6696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6696] write(3, "1000", 4) = 4 [pid 6696] close(3) = 0 [pid 6696] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6696] memfd_create("syzkaller", 0) = 3 [pid 6696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6695] <... write resumed>) = 2097152 [ 340.170483][ T6693] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 6696] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6695] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6695] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6695] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6695] close(3) = 0 [pid 6695] mkdir("./file0", 0777) = 0 [ 340.229122][ T6693] NILFS (loop5): trying rollback from an earlier position [ 340.266760][ T6695] loop2: detected capacity change from 0 to 4096 [pid 6695] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6693] <... mount resumed>) = 0 [pid 6693] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6696] <... write resumed>) = 2097152 [pid 6693] <... openat resumed>) = 3 [pid 6693] chdir("./file0") = 0 [pid 6693] ioctl(4, LOOP_CLR_FD) = 0 [pid 6693] close(4) = 0 [pid 6693] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6696] munmap(0x7fc0314e0000, 2097152 [pid 6693] <... open resumed>) = 4 [pid 6696] <... munmap resumed>) = 0 [pid 6693] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6696] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6693] <... open resumed>) = 5 [pid 6696] <... openat resumed>) = 4 [pid 6693] ftruncate(5, 33587195 [pid 6696] ioctl(4, LOOP_SET_FD, 3 [pid 6693] <... ftruncate resumed>) = 0 [ 340.297577][ T6693] NILFS (loop5): recovery complete [ 340.312174][ T6695] NILFS (loop2): invalid segment: Checksum error in segment payload [ 340.323047][ T6697] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6696] <... ioctl resumed>) = 0 [pid 6693] sendfile(4, 5, NULL, 281474978811909 [pid 6696] close(3) = 0 [pid 6696] mkdir("./file0", 0777) = 0 [ 340.377874][ T6696] loop4: detected capacity change from 0 to 4096 [ 340.389130][ T6695] NILFS (loop2): trying rollback from an earlier position [pid 6696] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6688] <... sendfile resumed>) = 1048576 [pid 6688] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6688] exit_group(0) = ? [pid 6688] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6688, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5064] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./132/binderfs") = 0 [pid 5064] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6695] <... mount resumed>) = 0 [ 340.461811][ T6696] NILFS (loop4): invalid segment: Checksum error in segment payload [ 340.478101][ T6695] NILFS (loop2): recovery complete [ 340.500209][ T6696] NILFS (loop4): trying rollback from an earlier position [pid 6695] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6695] chdir("./file0") = 0 [pid 6695] ioctl(4, LOOP_CLR_FD) = 0 [pid 6695] close(4) = 0 [pid 6695] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6689] <... sendfile resumed>) = 1048576 [pid 6689] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6695] <... open resumed>) = 4 [pid 6689] exit_group(0) = ? [pid 6695] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6689] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6689, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 6695] <... open resumed>) = 5 [pid 5067] <... restart_syscall resumed>) = 0 [pid 6695] ftruncate(5, 33587195 [pid 5067] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6695] <... ftruncate resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, [pid 6695] sendfile(4, 5, NULL, 281474978811909 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./134/binderfs") = 0 [ 340.527775][ T6698] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 340.557528][ T6696] NILFS (loop4): recovery complete [pid 5067] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6696] <... mount resumed>) = 0 [pid 6696] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6696] chdir("./file0") = 0 [pid 6696] ioctl(4, LOOP_CLR_FD) = 0 [pid 6696] close(4) = 0 [pid 6696] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6696] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6696] ftruncate(5, 33587195) = 0 [ 340.591569][ T6699] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6696] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./132/file0", [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... openat resumed>) = 4 [pid 5067] <... openat resumed>) = 4 [pid 5067] fstat(4, [pid 5064] fstat(4, [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5067] getdents64(4, [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5064] close(4 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./134/file0" [pid 5064] <... close resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] getdents64(3, [pid 5064] rmdir("./132/file0" [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5064] <... rmdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5064] getdents64(3, [pid 5067] rmdir("./134" [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] mkdir("./135", 0777 [pid 5064] close(3 [pid 5067] <... mkdir resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5064] rmdir("./132" [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5064] <... rmdir resumed>) = 0 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 5064] mkdir("./133", 0777 [pid 5067] <... close resumed>) = 0 [pid 5064] <... mkdir resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6700 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6700 attached ) = -1 ENXIO (No such device or address) [pid 6700] chdir("./135" [pid 5064] close(3 [pid 6700] <... chdir resumed>) = 0 [pid 6700] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... close resumed>) = 0 [pid 6700] <... prctl resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6700] setpgid(0, 0) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6701 [pid 6700] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6700] write(3, "1000", 4./strace-static-x86_64: Process 6701 attached ) = 4 [pid 6700] close(3 [pid 6701] chdir("./133" [pid 6700] <... close resumed>) = 0 [pid 6701] <... chdir resumed>) = 0 [pid 6700] symlink("/dev/binderfs", "./binderfs" [pid 6701] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6700] <... symlink resumed>) = 0 [pid 6701] <... prctl resumed>) = 0 [pid 6700] memfd_create("syzkaller", 0 [pid 6701] setpgid(0, 0 [pid 6700] <... memfd_create resumed>) = 3 [pid 6701] <... setpgid resumed>) = 0 [pid 6700] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6701] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6700] <... mmap resumed>) = 0x7fc0314e0000 [pid 6701] <... openat resumed>) = 3 [pid 6701] write(3, "1000", 4) = 4 [pid 6701] close(3) = 0 [pid 6701] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6701] memfd_create("syzkaller", 0) = 3 [pid 6701] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6700] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6701] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6692] <... sendfile resumed>) = 1048576 [pid 6692] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6692] exit_group(0) = ? [pid 6692] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6692, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 5065] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./132/binderfs") = 0 [pid 5065] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6701] <... write resumed>) = 2097152 [pid 6701] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6701] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6701] ioctl(4, LOOP_SET_FD, 3 [pid 6700] <... write resumed>) = 2097152 [pid 6700] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6700] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6700] ioctl(4, LOOP_SET_FD, 3 [pid 6701] <... ioctl resumed>) = 0 [pid 6701] close(3) = 0 [pid 6701] mkdir("./file0", 0777) = 0 [pid 6701] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6700] <... ioctl resumed>) = 0 [pid 6700] close(3) = 0 [pid 6700] mkdir("./file0", 0777) = 0 [ 341.192023][ T6701] loop0: detected capacity change from 0 to 4096 [ 341.200431][ T6700] loop3: detected capacity change from 0 to 4096 [ 341.252091][ T6701] NILFS (loop0): invalid segment: Checksum error in segment payload [ 341.285515][ T6701] NILFS (loop0): trying rollback from an earlier position [ 341.295189][ T6700] NILFS (loop3): invalid segment: Checksum error in segment payload [ 341.318085][ T6701] NILFS (loop0): recovery complete [pid 6700] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6701] <... mount resumed>) = 0 [pid 6701] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6701] chdir("./file0") = 0 [pid 6701] ioctl(4, LOOP_CLR_FD) = 0 [pid 6701] close(4) = 0 [pid 6701] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... umount2 resumed>) = 0 [pid 6701] <... open resumed>) = 4 [ 341.355038][ T6700] NILFS (loop3): trying rollback from an earlier position [ 341.367065][ T6702] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6701] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6701] <... open resumed>) = 5 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6701] ftruncate(5, 33587195 [pid 5065] lstat("./132/file0", [pid 6701] <... ftruncate resumed>) = 0 [pid 6701] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [ 341.451197][ T6700] NILFS (loop3): recovery complete [pid 5065] close(4 [pid 6700] <... mount resumed>) = 0 [pid 6695] <... sendfile resumed>) = 1048576 [pid 6693] <... sendfile resumed>) = 1048576 [pid 5065] <... close resumed>) = 0 [pid 6700] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6695] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6693] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5065] rmdir("./132/file0" [pid 6700] chdir("./file0" [pid 6695] <... open resumed>) = -1 EFAULT (Bad address) [pid 6693] <... open resumed>) = -1 EFAULT (Bad address) [pid 6700] <... chdir resumed>) = 0 [pid 6695] exit_group(0 [pid 6693] exit_group(0 [pid 5065] <... rmdir resumed>) = 0 [pid 6700] ioctl(4, LOOP_CLR_FD [pid 6695] <... exit_group resumed>) = ? [pid 6693] <... exit_group resumed>) = ? [pid 5065] getdents64(3, [pid 6700] <... ioctl resumed>) = 0 [pid 6700] close(4 [pid 6695] +++ exited with 0 +++ [pid 6700] <... close resumed>) = 0 [pid 6693] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6695, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6700] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6693, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5065] close(3 [pid 6700] <... open resumed>) = 4 [ 341.497395][ T6703] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5066] <... restart_syscall resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6700] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5069] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6700] ftruncate(5, 33587195 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] rmdir("./132" [pid 6700] <... ftruncate resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6700] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... openat resumed>) = 3 [pid 5066] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... rmdir resumed>) = 0 [pid 5069] fstat(3, [pid 5066] <... openat resumed>) = 3 [pid 5065] mkdir("./133", 0777 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] fstat(3, [pid 5069] getdents64(3, [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] getdents64(3, [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [pid 5069] lstat("./135/binderfs", [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] lstat("./133/binderfs", [pid 5069] unlink("./135/binderfs" [pid 5066] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5066] unlink("./133/binderfs" [pid 5069] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... unlink resumed>) = 0 [pid 5066] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6704 ./strace-static-x86_64: Process 6704 attached [pid 6704] chdir("./133") = 0 [pid 6704] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6704] setpgid(0, 0) = 0 [pid 6704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6704] write(3, "1000", 4) = 4 [pid 6704] close(3) = 0 [pid 6704] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6704] memfd_create("syzkaller", 0) = 3 [pid 6704] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6704] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6696] <... sendfile resumed>) = 1048576 [pid 6696] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6696] exit_group(0) = ? [pid 6696] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6696, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./134/binderfs") = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./135/file0") = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./135") = 0 [pid 6704] <... write resumed>) = 2097152 [pid 5069] mkdir("./136", 0777 [pid 5066] <... umount2 resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 6704] munmap(0x7fc0314e0000, 2097152 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6704] <... munmap resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6704] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] lstat("./133/file0", [pid 6704] <... openat resumed>) = 4 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6704] ioctl(4, LOOP_SET_FD, 3 [pid 5069] close(3 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6704] <... ioctl resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6705 [pid 6704] close(3 [pid 5066] <... openat resumed>) = 4 [pid 6704] <... close resumed>) = 0 [pid 5066] fstat(4, [pid 6704] mkdir("./file0", 0777 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, ./strace-static-x86_64: Process 6705 attached [pid 6704] <... mkdir resumed>) = 0 [pid 6705] chdir("./136" [pid 6704] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6705] <... chdir resumed>) = 0 [pid 5066] getdents64(4, [pid 6705] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6705] <... prctl resumed>) = 0 [pid 5066] close(4 [pid 6705] setpgid(0, 0) = 0 [pid 5066] <... close resumed>) = 0 [pid 6705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] rmdir("./133/file0" [pid 6705] <... openat resumed>) = 3 [pid 6705] write(3, "1000", 4 [pid 5066] <... rmdir resumed>) = 0 [pid 6705] <... write resumed>) = 4 [pid 5066] getdents64(3, [pid 6705] close(3 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6705] <... close resumed>) = 0 [pid 5066] close(3 [pid 6705] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5066] <... close resumed>) = 0 [pid 6705] memfd_create("syzkaller", 0 [pid 5066] rmdir("./133" [pid 6705] <... memfd_create resumed>) = 3 [pid 6705] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6705] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] mkdir("./134", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 341.892218][ T6704] loop1: detected capacity change from 0 to 4096 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6706 [pid 6705] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 6706 attached [pid 6706] chdir("./134") = 0 [pid 6706] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6706] setpgid(0, 0) = 0 [pid 6706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6706] write(3, "1000", 4) = 4 [pid 6706] close(3) = 0 [pid 6706] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6706] memfd_create("syzkaller", 0) = 3 [pid 6706] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 341.960252][ T6704] NILFS (loop1): invalid segment: Checksum error in segment payload [ 342.016063][ T6704] NILFS (loop1): trying rollback from an earlier position [pid 6706] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6705] <... write resumed>) = 2097152 [pid 5068] getdents64(4, [pid 6705] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./134/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6705] <... munmap resumed>) = 0 [pid 5068] close(3 [pid 6705] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] <... close resumed>) = 0 [pid 6705] <... openat resumed>) = 4 [pid 5068] rmdir("./134" [ 342.108972][ T6704] NILFS (loop1): recovery complete [pid 6705] ioctl(4, LOOP_SET_FD, 3 [pid 6704] <... mount resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 6704] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6704] chdir("./file0") = 0 [pid 6704] ioctl(4, LOOP_CLR_FD) = 0 [pid 6704] close(4) = 0 [pid 5068] mkdir("./135", 0777 [pid 6704] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5068] <... mkdir resumed>) = 0 [pid 6704] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6704] ftruncate(5, 33587195 [pid 5068] <... openat resumed>) = 3 [pid 6704] <... ftruncate resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6704] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 6705] <... ioctl resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6705] close(3) = 0 [ 342.153024][ T6705] loop5: detected capacity change from 0 to 4096 [ 342.155846][ T6707] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6708 ./strace-static-x86_64: Process 6708 attached [pid 6706] <... write resumed>) = 2097152 [pid 6705] mkdir("./file0", 0777 [pid 6708] chdir("./135" [pid 6705] <... mkdir resumed>) = 0 [pid 6708] <... chdir resumed>) = 0 [pid 6705] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6708] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6708] setpgid(0, 0) = 0 [pid 6708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6708] write(3, "1000", 4) = 4 [pid 6706] munmap(0x7fc0314e0000, 2097152 [pid 6708] close(3 [pid 6706] <... munmap resumed>) = 0 [pid 6708] <... close resumed>) = 0 [pid 6706] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6708] symlink("/dev/binderfs", "./binderfs" [pid 6706] <... openat resumed>) = 4 [pid 6708] <... symlink resumed>) = 0 [pid 6706] ioctl(4, LOOP_SET_FD, 3 [pid 6708] memfd_create("syzkaller", 0) = 3 [pid 6708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6706] <... ioctl resumed>) = 0 [pid 6706] close(3) = 0 [pid 6706] mkdir("./file0", 0777) = 0 [pid 6706] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6701] <... sendfile resumed>) = 1048576 [pid 6701] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6701] exit_group(0) = ? [ 342.265202][ T6706] loop2: detected capacity change from 0 to 4096 [ 342.277011][ T6705] NILFS (loop5): invalid segment: Checksum error in segment payload [ 342.285093][ T6705] NILFS (loop5): trying rollback from an earlier position [pid 6708] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6701] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6701, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./133/binderfs") = 0 [pid 5064] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6708] <... write resumed>) = 2097152 [ 342.356384][ T6705] NILFS (loop5): recovery complete [pid 6708] munmap(0x7fc0314e0000, 2097152 [pid 6705] <... mount resumed>) = 0 [pid 6705] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6705] chdir("./file0" [pid 6708] <... munmap resumed>) = 0 [pid 6705] <... chdir resumed>) = 0 [pid 6708] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6708] ioctl(4, LOOP_SET_FD, 3 [ 342.381465][ T6706] NILFS (loop2): invalid segment: Checksum error in segment payload [ 342.395249][ T6706] NILFS (loop2): trying rollback from an earlier position [ 342.405594][ T6709] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6705] ioctl(4, LOOP_CLR_FD) = 0 [pid 6705] close(4) = 0 [pid 6706] <... mount resumed>) = 0 [pid 6705] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6706] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6705] <... open resumed>) = 4 [pid 6706] <... openat resumed>) = 3 [pid 6706] chdir("./file0" [pid 6705] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6706] <... chdir resumed>) = 0 [pid 6706] ioctl(4, LOOP_CLR_FD [pid 6705] <... open resumed>) = 5 [pid 6706] <... ioctl resumed>) = 0 [pid 6705] ftruncate(5, 33587195 [pid 6706] close(4 [pid 6705] <... ftruncate resumed>) = 0 [pid 6708] <... ioctl resumed>) = 0 [pid 6708] close(3 [pid 6706] <... close resumed>) = 0 [pid 6705] sendfile(4, 5, NULL, 281474978811909 [pid 6708] <... close resumed>) = 0 [pid 6706] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6708] mkdir("./file0", 0777 [pid 6706] <... open resumed>) = 4 [pid 6708] <... mkdir resumed>) = 0 [pid 6708] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6706] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6706] ftruncate(5, 33587195) = 0 [ 342.427748][ T6706] NILFS (loop2): recovery complete [ 342.430271][ T6708] loop4: detected capacity change from 0 to 4096 [ 342.460933][ T6710] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 342.533744][ T6708] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6706] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = 0 [pid 6700] <... sendfile resumed>) = 1048576 [pid 6700] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 342.579893][ T6708] NILFS (loop4): trying rollback from an earlier position [pid 6700] exit_group(0) = ? [pid 6700] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6700, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 3 [pid 5064] lstat("./133/file0", [pid 5067] fstat(3, [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] getdents64(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./135/binderfs", [pid 5064] <... openat resumed>) = 4 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] fstat(4, [pid 5067] unlink("./135/binderfs" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5067] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] getdents64(4, [pid 6708] <... mount resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6708] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] getdents64(4, [pid 6708] <... openat resumed>) = 3 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6708] chdir("./file0" [pid 5064] close(4 [pid 6708] <... chdir resumed>) = 0 [pid 6708] ioctl(4, LOOP_CLR_FD [pid 5064] <... close resumed>) = 0 [pid 6708] <... ioctl resumed>) = 0 [ 342.668814][ T6708] NILFS (loop4): recovery complete [pid 5064] rmdir("./133/file0" [pid 6708] close(4 [pid 5064] <... rmdir resumed>) = 0 [pid 6708] <... close resumed>) = 0 [pid 6708] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6708] <... open resumed>) = 4 [ 342.705325][ T6711] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5064] close(3) = 0 [pid 5064] rmdir("./133") = 0 [pid 6708] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] mkdir("./134", 0777 [pid 6708] <... open resumed>) = 5 [pid 5064] <... mkdir resumed>) = 0 [pid 6708] ftruncate(5, 33587195 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6708] <... ftruncate resumed>) = 0 [pid 6708] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6712 ./strace-static-x86_64: Process 6712 attached [pid 6712] chdir("./134") = 0 [pid 6712] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6712] setpgid(0, 0) = 0 [pid 6712] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6712] write(3, "1000", 4) = 4 [pid 6712] close(3) = 0 [pid 6712] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6712] memfd_create("syzkaller", 0) = 3 [pid 6712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6712] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./135/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./135") = 0 [pid 5067] mkdir("./136", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 6712] <... write resumed>) = 2097152 [pid 6712] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6712] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6712] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6712] close(3) = 0 [pid 5067] <... close resumed>) = 0 [pid 6712] mkdir("./file0", 0777 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6712] <... mkdir resumed>) = 0 [pid 6712] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6713 ./strace-static-x86_64: Process 6713 attached [pid 6713] chdir("./136") = 0 [pid 6713] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6713] setpgid(0, 0) = 0 [pid 6713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6713] write(3, "1000", 4) = 4 [pid 6713] close(3) = 0 [pid 6713] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6713] memfd_create("syzkaller", 0) = 3 [pid 6713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 343.038125][ T6712] loop0: detected capacity change from 0 to 4096 [ 343.086666][ T6712] NILFS (loop0): invalid segment: Checksum error in segment payload [ 343.116200][ T6712] NILFS (loop0): trying rollback from an earlier position [pid 6713] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6713] munmap(0x7fc0314e0000, 2097152) = 0 [ 343.165841][ T6712] NILFS (loop0): recovery complete [pid 6713] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6713] ioctl(4, LOOP_SET_FD, 3 [pid 6712] <... mount resumed>) = 0 [pid 6713] <... ioctl resumed>) = 0 [pid 6712] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6713] close(3 [pid 6712] <... openat resumed>) = 3 [pid 6712] chdir("./file0") = 0 [pid 6713] <... close resumed>) = 0 [pid 6712] ioctl(4, LOOP_CLR_FD [pid 6704] <... sendfile resumed>) = 1048576 [pid 6712] <... ioctl resumed>) = 0 [pid 6704] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6713] mkdir("./file0", 0777 [pid 6712] close(4 [pid 6704] <... open resumed>) = -1 EFAULT (Bad address) [pid 6712] <... close resumed>) = 0 [pid 6704] exit_group(0 [pid 6712] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6704] <... exit_group resumed>) = ? [pid 6704] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6704, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6712] <... open resumed>) = 4 [pid 6712] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6713] <... mkdir resumed>) = 0 [pid 6712] <... open resumed>) = 5 [ 343.194642][ T6714] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 343.218219][ T6713] loop3: detected capacity change from 0 to 4096 [pid 5065] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6713] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6712] ftruncate(5, 33587195 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6712] <... ftruncate resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6712] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... openat resumed>) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./133/binderfs") = 0 [ 343.297802][ T6713] NILFS (loop3): invalid segment: Checksum error in segment payload [ 343.353535][ T6713] NILFS (loop3): trying rollback from an earlier position [pid 5065] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6713] <... mount resumed>) = 0 [pid 6713] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6713] chdir("./file0") = 0 [pid 6713] ioctl(4, LOOP_CLR_FD) = 0 [pid 6713] close(4) = 0 [pid 6713] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5065] <... umount2 resumed>) = 0 [pid 6713] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6713] ftruncate(5, 33587195) = 0 [ 343.457190][ T6713] NILFS (loop3): recovery complete [ 343.495402][ T6715] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6713] sendfile(4, 5, NULL, 281474978811909 [pid 5065] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./133/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./133") = 0 [pid 5065] mkdir("./134", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3 [pid 6706] <... sendfile resumed>) = 1048576 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6716 [pid 6705] <... sendfile resumed>) = 1048576 [pid 6705] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6706] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6705] exit_group(0./strace-static-x86_64: Process 6716 attached [pid 6706] <... open resumed>) = -1 EFAULT (Bad address) [pid 6705] <... exit_group resumed>) = ? [pid 6716] chdir("./134" [pid 6706] exit_group(0 [pid 6705] +++ exited with 0 +++ [pid 6716] <... chdir resumed>) = 0 [pid 6706] <... exit_group resumed>) = ? [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6705, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 6716] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6716] setpgid(0, 0 [pid 6706] +++ exited with 0 +++ [pid 5069] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] <... setpgid resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6706, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 6716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6716] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 6716] write(3, "1000", 4 [pid 5069] fstat(3, [pid 6716] <... write resumed>) = 4 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6716] close(3 [pid 5069] getdents64(3, [pid 6716] <... close resumed>) = 0 [pid 6716] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6716] memfd_create("syzkaller", 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] <... memfd_create resumed>) = 3 [pid 5069] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6716] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6716] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] lstat("./136/binderfs", [pid 5066] <... openat resumed>) = 3 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] fstat(3, [pid 5069] unlink("./136/binderfs" [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5066] getdents64(3, [pid 5069] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./134/binderfs") = 0 [pid 5066] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6708] <... sendfile resumed>) = 1048576 [pid 6708] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6708] exit_group(0) = ? [pid 6708] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6708, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5068] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6716] <... write resumed>) = 2097152 [pid 5068] fstat(3, [pid 6716] munmap(0x7fc0314e0000, 2097152 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6716] <... munmap resumed>) = 0 [pid 5068] getdents64(3, [pid 6716] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6716] <... openat resumed>) = 4 [pid 5068] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./135/binderfs") = 0 [pid 6716] <... ioctl resumed>) = 0 [pid 5068] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] close(3) = 0 [pid 6716] mkdir("./file0", 0777) = 0 [pid 6716] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... umount2 resumed>) = 0 [ 343.906043][ T6716] loop1: detected capacity change from 0 to 4096 [pid 5066] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... openat resumed>) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] lstat("./136/file0", [pid 5066] close(4 [pid 5069] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 5069] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] rmdir("./134/file0" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(3, [pid 5069] <... openat resumed>) = 4 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] fstat(4, [pid 5066] close(3 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./134" [pid 5069] getdents64(4, [pid 5066] <... rmdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] mkdir("./135", 0777 [pid 5069] getdents64(4, [pid 5066] <... mkdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] close(4 [pid 5066] <... openat resumed>) = 3 [pid 5069] <... close resumed>) = 0 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5069] rmdir("./136/file0" [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... rmdir resumed>) = 0 [ 343.980025][ T6716] NILFS (loop1): invalid segment: Checksum error in segment payload [ 344.003777][ T6716] NILFS (loop1): trying rollback from an earlier position [pid 5066] close(3 [pid 5069] getdents64(3, [pid 5066] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6717 ./strace-static-x86_64: Process 6717 attached [pid 5069] close(3 [pid 6717] chdir("./135" [pid 5069] <... close resumed>) = 0 [pid 6717] <... chdir resumed>) = 0 [pid 5069] rmdir("./136" [pid 6717] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6717] setpgid(0, 0) = 0 [pid 6717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6717] write(3, "1000", 4 [pid 5069] <... rmdir resumed>) = 0 [pid 6717] <... write resumed>) = 4 [pid 6717] close(3 [pid 5069] mkdir("./137", 0777 [pid 6717] <... close resumed>) = 0 [pid 6717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6716] <... mount resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [ 344.088277][ T6716] NILFS (loop1): recovery complete [pid 6717] memfd_create("syzkaller", 0) = 3 [pid 6717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6716] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6716] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = 0 [pid 6716] chdir("./file0" [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] <... chdir resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6716] ioctl(4, LOOP_CLR_FD [pid 5069] close(3 [pid 5068] lstat("./135/file0", [pid 6716] <... ioctl resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5068] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6716] close(4 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] <... close resumed>) = 0 [pid 6716] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6719 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6716] <... open resumed>) = 4 [pid 5068] <... openat resumed>) = 4 [pid 6716] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] fstat(4, [pid 6716] <... open resumed>) = 5 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6716] ftruncate(5, 33587195 [pid 5068] getdents64(4, [pid 6716] <... ftruncate resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6719 attached [pid 6716] sendfile(4, 5, NULL, 281474978811909 [ 344.111338][ T6718] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./135/file0") = 0 [pid 6719] chdir("./137" [pid 5068] getdents64(3, [pid 6719] <... chdir resumed>) = 0 [pid 6717] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6719] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] close(3 [pid 6719] <... prctl resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 6719] setpgid(0, 0 [pid 5068] rmdir("./135" [pid 6719] <... setpgid resumed>) = 0 [pid 6719] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... rmdir resumed>) = 0 [pid 6719] <... openat resumed>) = 3 [pid 5068] mkdir("./136", 0777 [pid 6719] write(3, "1000", 4 [pid 5068] <... mkdir resumed>) = 0 [pid 6719] <... write resumed>) = 4 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6719] close(3 [pid 5068] <... openat resumed>) = 3 [pid 6719] <... close resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 6719] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6719] <... symlink resumed>) = 0 [pid 5068] close(3 [pid 6719] memfd_create("syzkaller", 0 [pid 5068] <... close resumed>) = 0 [pid 6719] <... memfd_create resumed>) = 3 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6720 ./strace-static-x86_64: Process 6720 attached [pid 6720] chdir("./136") = 0 [pid 6720] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6719] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6717] <... write resumed>) = 2097152 [pid 6712] <... sendfile resumed>) = 1048576 [pid 6720] <... prctl resumed>) = 0 [pid 6712] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6720] setpgid(0, 0 [pid 6712] <... open resumed>) = -1 EFAULT (Bad address) [pid 6720] <... setpgid resumed>) = 0 [pid 6712] exit_group(0 [pid 6720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6712] <... exit_group resumed>) = ? [pid 6720] <... openat resumed>) = 3 [pid 6720] write(3, "1000", 4) = 4 [pid 6712] +++ exited with 0 +++ [pid 6720] close(3) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6712, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 6720] symlink("/dev/binderfs", "./binderfs" [pid 5064] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6720] <... symlink resumed>) = 0 [pid 6717] munmap(0x7fc0314e0000, 2097152 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6720] memfd_create("syzkaller", 0 [pid 6717] <... munmap resumed>) = 0 [pid 5064] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6720] <... memfd_create resumed>) = 3 [pid 6717] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5064] <... openat resumed>) = 3 [pid 6720] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6717] <... openat resumed>) = 4 [pid 5064] fstat(3, [pid 6720] <... mmap resumed>) = 0x7fc0314e0000 [pid 6717] ioctl(4, LOOP_SET_FD, 3 [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6717] <... ioctl resumed>) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./134/binderfs") = 0 [pid 5064] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6720] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6717] close(3) = 0 [pid 6717] mkdir("./file0", 0777) = 0 [ 344.347911][ T6717] loop2: detected capacity change from 0 to 4096 [pid 6717] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6719] <... write resumed>) = 2097152 [pid 6719] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6713] <... sendfile resumed>) = 1048576 [pid 6719] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6713] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6719] <... openat resumed>) = 4 [pid 6713] <... open resumed>) = -1 EFAULT (Bad address) [pid 6719] ioctl(4, LOOP_SET_FD, 3 [pid 6713] exit_group(0 [pid 6719] <... ioctl resumed>) = 0 [pid 6713] <... exit_group resumed>) = ? [pid 6713] +++ exited with 0 +++ [pid 6719] close(3 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6713, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6719] <... close resumed>) = 0 [pid 6719] mkdir("./file0", 0777 [pid 5067] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6719] <... mkdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6719] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6720] <... write resumed>) = 2097152 [pid 5067] lstat("./136/binderfs", [pid 6720] munmap(0x7fc0314e0000, 2097152 [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./136/binderfs" [pid 6720] <... munmap resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 6720] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6720] <... openat resumed>) = 4 [ 344.422254][ T6717] NILFS (loop2): invalid segment: Checksum error in segment payload [ 344.447684][ T6719] loop5: detected capacity change from 0 to 4096 [ 344.457158][ T6717] NILFS (loop2): trying rollback from an earlier position [pid 6720] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6720] close(3) = 0 [pid 6720] mkdir("./file0", 0777) = 0 [ 344.495111][ T6720] loop4: detected capacity change from 0 to 4096 [ 344.507668][ T6719] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 6720] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5064] <... umount2 resumed>) = 0 [pid 5064] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4 [pid 6717] <... mount resumed>) = 0 [ 344.546236][ T6719] NILFS (loop5): trying rollback from an earlier position [ 344.560601][ T6717] NILFS (loop2): recovery complete [ 344.583066][ T6720] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 5064] <... close resumed>) = 0 [pid 6717] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5064] rmdir("./134/file0" [pid 6717] <... openat resumed>) = 3 [pid 5064] <... rmdir resumed>) = 0 [pid 6717] chdir("./file0" [pid 5064] getdents64(3, [pid 6717] <... chdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6717] ioctl(4, LOOP_CLR_FD [pid 5064] close(3 [pid 6717] <... ioctl resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 6717] close(4 [pid 5064] rmdir("./134" [pid 6717] <... close resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 6717] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] mkdir("./135", 0777) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 344.588680][ T6721] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6717] <... open resumed>) = 4 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6717] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6717] <... open resumed>) = 5 [pid 5064] close(3 [pid 6717] ftruncate(5, 33587195 [pid 5064] <... close resumed>) = 0 [pid 6717] <... ftruncate resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6717] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6722 ./strace-static-x86_64: Process 6722 attached [pid 6722] chdir("./135") = 0 [pid 6722] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6722] setpgid(0, 0) = 0 [pid 6722] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6722] write(3, "1000", 4) = 4 [pid 6722] close(3) = 0 [ 344.620102][ T6720] NILFS (loop4): trying rollback from an earlier position [ 344.653274][ T6719] NILFS (loop5): recovery complete [pid 6722] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6719] <... mount resumed>) = 0 [pid 6722] memfd_create("syzkaller", 0 [pid 6719] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6722] <... memfd_create resumed>) = 3 [pid 6719] <... openat resumed>) = 3 [pid 6722] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6719] chdir("./file0" [pid 6722] <... mmap resumed>) = 0x7fc0314e0000 [pid 6719] <... chdir resumed>) = 0 [pid 6719] ioctl(4, LOOP_CLR_FD [pid 5067] <... umount2 resumed>) = 0 [pid 6719] <... ioctl resumed>) = 0 [pid 6719] close(4) = 0 [pid 6719] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6719] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 344.687412][ T6723] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6719] ftruncate(5, 33587195) = 0 [pid 6719] sendfile(4, 5, NULL, 281474978811909 [pid 6722] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [ 344.735836][ T6720] NILFS (loop4): recovery complete [pid 5067] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6720] <... mount resumed>) = 0 [pid 6720] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6720] <... openat resumed>) = 3 [pid 5067] lstat("./136/file0", [pid 6720] chdir("./file0" [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6720] <... chdir resumed>) = 0 [pid 6720] ioctl(4, LOOP_CLR_FD [pid 5067] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6720] <... ioctl resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6720] close(4 [pid 5067] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6720] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 6720] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6720] <... open resumed>) = 4 [pid 5067] getdents64(4, [pid 6720] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6720] <... open resumed>) = 5 [pid 6720] ftruncate(5, 33587195 [pid 5067] getdents64(4, [pid 6720] <... ftruncate resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6720] sendfile(4, 5, NULL, 281474978811909 [ 344.758654][ T6724] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5067] close(4) = 0 [pid 5067] rmdir("./136/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./136") = 0 [pid 5067] mkdir("./137", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 6722] <... write resumed>) = 2097152 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6725 attached [pid 6722] munmap(0x7fc0314e0000, 2097152 [pid 6725] chdir("./137" [pid 6722] <... munmap resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6725 [pid 6725] <... chdir resumed>) = 0 [pid 6722] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6725] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6722] <... openat resumed>) = 4 [pid 6725] <... prctl resumed>) = 0 [pid 6722] ioctl(4, LOOP_SET_FD, 3 [pid 6725] setpgid(0, 0) = 0 [pid 6725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6725] write(3, "1000", 4) = 4 [pid 6725] close(3 [pid 6722] <... ioctl resumed>) = 0 [pid 6725] <... close resumed>) = 0 [pid 6722] close(3 [pid 6725] symlink("/dev/binderfs", "./binderfs" [pid 6722] <... close resumed>) = 0 [pid 6725] <... symlink resumed>) = 0 [pid 6722] mkdir("./file0", 0777 [pid 6725] memfd_create("syzkaller", 0 [pid 6722] <... mkdir resumed>) = 0 [pid 6725] <... memfd_create resumed>) = 3 [pid 6722] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6725] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 344.929898][ T6722] loop0: detected capacity change from 0 to 4096 [ 344.985819][ T6722] NILFS (loop0): invalid segment: Checksum error in segment payload [ 344.993905][ T6722] NILFS (loop0): trying rollback from an earlier position [ 345.097875][ T6722] NILFS (loop0): recovery complete [pid 6725] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6722] <... mount resumed>) = 0 [pid 6722] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6725] <... write resumed>) = 2097152 [pid 6722] <... openat resumed>) = 3 [pid 6722] chdir("./file0" [pid 6725] munmap(0x7fc0314e0000, 2097152 [pid 6722] <... chdir resumed>) = 0 [pid 6722] ioctl(4, LOOP_CLR_FD [pid 6725] <... munmap resumed>) = 0 [pid 6725] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6725] ioctl(4, LOOP_SET_FD, 3 [pid 6722] <... ioctl resumed>) = 0 [pid 6722] close(4 [pid 6725] <... ioctl resumed>) = 0 [pid 6722] <... close resumed>) = 0 [pid 6725] close(3 [pid 6722] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6725] <... close resumed>) = 0 [pid 6725] mkdir("./file0", 0777) = 0 [pid 6725] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6722] <... open resumed>) = 4 [pid 6722] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6716] <... sendfile resumed>) = 1048576 [pid 6722] <... open resumed>) = 5 [ 345.128941][ T6726] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 345.159682][ T6725] loop3: detected capacity change from 0 to 4096 [pid 6716] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6722] ftruncate(5, 33587195 [pid 6716] <... open resumed>) = -1 EFAULT (Bad address) [pid 6722] <... ftruncate resumed>) = 0 [pid 6716] exit_group(0 [pid 6722] sendfile(4, 5, NULL, 281474978811909 [pid 6716] <... exit_group resumed>) = ? [pid 6716] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6716, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5065] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 345.235737][ T6725] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 5065] unlink("./134/binderfs") = 0 [ 345.291809][ T6725] NILFS (loop3): trying rollback from an earlier position [ 345.382779][ T6725] NILFS (loop3): recovery complete [pid 5065] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6725] <... mount resumed>) = 0 [pid 6725] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6725] chdir("./file0") = 0 [pid 6725] ioctl(4, LOOP_CLR_FD) = 0 [pid 6725] close(4) = 0 [pid 6725] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6725] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6725] ftruncate(5, 33587195) = 0 [ 345.440127][ T6727] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6725] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./134/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./134") = 0 [pid 5065] mkdir("./135", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 6720] <... sendfile resumed>) = 1048576 [pid 6719] <... sendfile resumed>) = 1048576 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6720] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6719] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6720] <... open resumed>) = -1 EFAULT (Bad address) [pid 6719] exit_group(0 [pid 6720] exit_group(0 [pid 6719] <... exit_group resumed>) = ? [pid 5065] <... clone resumed>, child_tidptr=0x555556c965d0) = 6728 [pid 6720] <... exit_group resumed>) = ? [pid 6719] +++ exited with 0 +++ ./strace-static-x86_64: Process 6728 attached [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6719, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 6728] chdir("./135" [pid 6720] +++ exited with 0 +++ [pid 6728] <... chdir resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6720, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 6728] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 6728] <... prctl resumed>) = 0 [pid 5068] <... restart_syscall resumed>) = 0 [pid 6728] setpgid(0, 0) = 0 [pid 5069] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6728] <... openat resumed>) = 3 [pid 5069] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6728] write(3, "1000", 4 [pid 5069] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6728] <... write resumed>) = 4 [pid 5069] fstat(3, [pid 5068] <... openat resumed>) = 3 [pid 6728] close(3 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] fstat(3, [pid 6728] <... close resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6728] symlink("/dev/binderfs", "./binderfs" [pid 6717] <... sendfile resumed>) = 1048576 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] getdents64(3, [pid 6728] <... symlink resumed>) = 0 [pid 5069] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6728] memfd_create("syzkaller", 0 [pid 6717] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6728] <... memfd_create resumed>) = 3 [pid 6717] <... open resumed>) = -1 EFAULT (Bad address) [pid 5069] lstat("./137/binderfs", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6717] exit_group(0 [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] lstat("./136/binderfs", [pid 6728] <... mmap resumed>) = 0x7fc0314e0000 [pid 6717] <... exit_group resumed>) = ? [pid 5069] unlink("./137/binderfs" [pid 5068] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 6728] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6717] +++ exited with 0 +++ [pid 5069] <... unlink resumed>) = 0 [pid 5068] unlink("./136/binderfs" [pid 5069] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... unlink resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6717, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5068] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./135/binderfs") = 0 [pid 5066] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6728] <... write resumed>) = 2097152 [pid 6728] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6728] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6728] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... umount2 resumed>) = 0 [pid 6728] <... ioctl resumed>) = 0 [pid 6728] close(3) = 0 [pid 6728] mkdir("./file0", 0777) = 0 [pid 6728] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 345.950931][ T6728] loop1: detected capacity change from 0 to 4096 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./136/file0") = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./136") = 0 [ 346.011759][ T6728] NILFS (loop1): invalid segment: Checksum error in segment payload [pid 5068] mkdir("./137", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6729 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 6729 attached [pid 5069] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6729] chdir("./137" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6729] <... chdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6729] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... openat resumed>) = 4 [pid 5066] <... umount2 resumed>) = 0 [pid 6729] <... prctl resumed>) = 0 [pid 5069] fstat(4, [pid 5066] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6729] setpgid(0, 0 [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6729] <... setpgid resumed>) = 0 [pid 5069] getdents64(4, [pid 5066] lstat("./135/file0", [pid 6729] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6729] <... openat resumed>) = 3 [pid 5069] getdents64(4, [ 346.062973][ T6728] NILFS (loop1): trying rollback from an earlier position [pid 5066] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6729] write(3, "1000", 4 [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6729] <... write resumed>) = 4 [pid 5069] close(4 [pid 5066] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6729] close(3 [pid 5069] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 4 [pid 6729] <... close resumed>) = 0 [pid 5069] rmdir("./137/file0" [pid 5066] fstat(4, [pid 5069] <... rmdir resumed>) = 0 [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6729] symlink("/dev/binderfs", "./binderfs" [pid 5069] getdents64(3, [pid 5066] getdents64(4, [pid 6729] <... symlink resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6729] memfd_create("syzkaller", 0 [pid 5069] close(3 [pid 5066] getdents64(4, [pid 6729] <... memfd_create resumed>) = 3 [pid 6728] <... mount resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] rmdir("./137" [pid 5066] close(4 [pid 6729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6728] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 6729] <... mmap resumed>) = 0x7fc0314e0000 [pid 6728] <... openat resumed>) = 3 [pid 5069] mkdir("./138", 0777 [pid 5066] rmdir("./135/file0" [pid 6728] chdir("./file0" [pid 5069] <... mkdir resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6728] <... chdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] getdents64(3, [pid 6728] ioctl(4, LOOP_CLR_FD [pid 5069] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6728] <... ioctl resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] close(3 [pid 6728] close(4 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... close resumed>) = 0 [pid 6728] <... close resumed>) = 0 [pid 5069] close(3 [pid 5066] rmdir("./135" [pid 6728] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... close resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6728] <... open resumed>) = 4 [pid 5066] mkdir("./136", 0777 [pid 6728] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] <... mkdir resumed>) = 0 [pid 6728] <... open resumed>) = 5 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6731 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6728] ftruncate(5, 33587195 [pid 5066] <... openat resumed>) = 3 [pid 6728] <... ftruncate resumed>) = 0 [pid 5066] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6731 attached [pid 6728] sendfile(4, 5, NULL, 281474978811909 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 346.143548][ T6728] NILFS (loop1): recovery complete [ 346.152614][ T6730] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6731] chdir("./138" [pid 5066] close(3 [pid 6731] <... chdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 6731] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6731] <... prctl resumed>) = 0 [pid 6731] setpgid(0, 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6732 [pid 6731] <... setpgid resumed>) = 0 [pid 6731] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6731] write(3, "1000", 4) = 4 [pid 6731] close(3) = 0 [pid 6731] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6729] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152./strace-static-x86_64: Process 6732 attached [pid 6731] memfd_create("syzkaller", 0) = 3 [pid 6732] chdir("./136" [pid 6731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6732] <... chdir resumed>) = 0 [pid 6731] <... mmap resumed>) = 0x7fc0314e0000 [pid 6732] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6732] setpgid(0, 0) = 0 [pid 6732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6732] write(3, "1000", 4) = 4 [pid 6732] close(3) = 0 [pid 6732] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6732] memfd_create("syzkaller", 0) = 3 [pid 6732] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6731] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6729] <... write resumed>) = 2097152 [pid 6732] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6729] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6729] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6729] ioctl(4, LOOP_SET_FD, 3 [pid 6725] <... sendfile resumed>) = 1048576 [pid 6725] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6725] exit_group(0) = ? [pid 6725] +++ exited with 0 +++ [pid 6731] <... write resumed>) = 2097152 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6725, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 6729] <... ioctl resumed>) = 0 [pid 5067] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6729] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6729] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6729] mkdir("./file0", 0777 [pid 6722] <... sendfile resumed>) = 1048576 [pid 5067] <... openat resumed>) = 3 [pid 6722] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 5067] fstat(3, [pid 6729] <... mkdir resumed>) = 0 [pid 6722] <... open resumed>) = -1 EFAULT (Bad address) [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6729] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6722] exit_group(0 [pid 5067] getdents64(3, [pid 6722] <... exit_group resumed>) = ? [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6722] +++ exited with 0 +++ [pid 5067] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6722, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./137/binderfs", [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] <... restart_syscall resumed>) = 0 [pid 6731] munmap(0x7fc0314e0000, 2097152 [pid 5067] unlink("./137/binderfs" [pid 6731] <... munmap resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 6731] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5067] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6731] <... openat resumed>) = 4 [ 346.373079][ T6729] loop4: detected capacity change from 0 to 4096 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6731] ioctl(4, LOOP_SET_FD, 3 [pid 5064] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6732] <... write resumed>) = 2097152 [pid 5064] <... openat resumed>) = 3 [pid 5064] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5064] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5064] unlink("./135/binderfs") = 0 [pid 5064] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6732] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6732] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6732] ioctl(4, LOOP_SET_FD, 3) = 0 [ 346.444492][ T6729] NILFS (loop4): invalid segment: Checksum error in segment payload [ 346.446420][ T6731] loop5: detected capacity change from 0 to 4096 [ 346.455175][ T6729] NILFS (loop4): trying rollback from an earlier position [pid 6732] close(3) = 0 [pid 6732] mkdir("./file0", 0777) = 0 [pid 6732] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6731] <... ioctl resumed>) = 0 [pid 6731] close(3) = 0 [pid 6731] mkdir("./file0", 0777) = 0 [ 346.488406][ T6732] loop2: detected capacity change from 0 to 4096 [pid 6731] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6729] <... mount resumed>) = 0 [ 346.534152][ T6729] NILFS (loop4): recovery complete [ 346.550683][ T6732] NILFS (loop2): invalid segment: Checksum error in segment payload [ 346.565031][ T6731] NILFS (loop5): invalid segment: Checksum error in segment payload [pid 6729] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6729] chdir("./file0") = 0 [pid 6729] ioctl(4, LOOP_CLR_FD) = 0 [pid 6729] close(4) = 0 [pid 6729] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6729] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6729] ftruncate(5, 33587195) = 0 [ 346.580645][ T6733] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 346.593687][ T6732] NILFS (loop2): trying rollback from an earlier position [pid 6729] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... umount2 resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 346.632296][ T6731] NILFS (loop5): trying rollback from an earlier position [ 346.669621][ T6732] NILFS (loop2): recovery complete [pid 5067] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6732] <... mount resumed>) = 0 [pid 6732] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] getdents64(4, [pid 6732] <... openat resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6732] chdir("./file0" [pid 5067] getdents64(4, [pid 5064] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6732] <... chdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6732] ioctl(4, LOOP_CLR_FD [pid 5067] close(4 [pid 6732] <... ioctl resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5064] lstat("./135/file0", [pid 6732] close(4 [pid 5067] rmdir("./137/file0" [pid 5064] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6732] <... close resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5064] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6732] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] getdents64(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6732] <... open resumed>) = 4 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6732] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] close(3 [pid 5064] <... openat resumed>) = 4 [pid 6732] <... open resumed>) = 5 [pid 5067] <... close resumed>) = 0 [pid 5064] fstat(4, [pid 6732] ftruncate(5, 33587195 [pid 5067] rmdir("./137" [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6732] <... ftruncate resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5064] getdents64(4, [pid 6732] sendfile(4, 5, NULL, 281474978811909 [pid 5067] mkdir("./138", 0777 [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] <... mkdir resumed>) = 0 [pid 5064] getdents64(4, [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5064] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5064] close(4 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5064] <... close resumed>) = 0 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] rmdir("./135/file0" [pid 5067] close(3 [pid 5064] <... rmdir resumed>) = 0 [ 346.698017][ T6734] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 346.736866][ T6731] NILFS (loop5): recovery complete [pid 5067] <... close resumed>) = 0 [pid 5064] getdents64(3, [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6731] <... mount resumed>) = 0 [pid 5064] close(3 [pid 6731] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6736 [pid 5064] <... close resumed>) = 0 [pid 6731] <... openat resumed>) = 3 [pid 5064] rmdir("./135" [pid 6731] chdir("./file0" [pid 5064] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6736 attached [pid 6731] <... chdir resumed>) = 0 [pid 5064] mkdir("./136", 0777 [pid 6736] chdir("./138" [pid 6731] ioctl(4, LOOP_CLR_FD [pid 5064] <... mkdir resumed>) = 0 [pid 6736] <... chdir resumed>) = 0 [pid 6731] <... ioctl resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6736] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6731] close(4 [pid 5064] <... openat resumed>) = 3 [pid 6736] <... prctl resumed>) = 0 [pid 6731] <... close resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 6736] setpgid(0, 0 [pid 6731] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6736] <... setpgid resumed>) = 0 [pid 6731] <... open resumed>) = 4 [pid 5064] close(3 [pid 6736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6731] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... close resumed>) = 0 [pid 6736] <... openat resumed>) = 3 [pid 6731] <... open resumed>) = 5 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6736] write(3, "1000", 4 [pid 6731] ftruncate(5, 33587195 [pid 6736] <... write resumed>) = 4 [pid 6731] <... ftruncate resumed>) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556c965d0) = 6737 [pid 6736] close(3 [pid 6731] sendfile(4, 5, NULL, 281474978811909 [pid 6736] <... close resumed>) = 0 [pid 6736] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 6737 attached [pid 6736] memfd_create("syzkaller", 0 [pid 6737] chdir("./136" [pid 6736] <... memfd_create resumed>) = 3 [pid 6737] <... chdir resumed>) = 0 [ 346.808247][ T6735] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6736] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6737] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6736] <... mmap resumed>) = 0x7fc0314e0000 [pid 6737] <... prctl resumed>) = 0 [pid 6737] setpgid(0, 0) = 0 [pid 6737] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6737] write(3, "1000", 4) = 4 [pid 6737] close(3) = 0 [pid 6737] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6737] memfd_create("syzkaller", 0) = 3 [pid 6737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6736] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6737] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6736] <... write resumed>) = 2097152 [pid 6736] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6736] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6736] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6737] <... write resumed>) = 2097152 [pid 6737] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6736] close(3 [pid 6737] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6736] <... close resumed>) = 0 [pid 6737] <... openat resumed>) = 4 [pid 6736] mkdir("./file0", 0777 [pid 6737] ioctl(4, LOOP_SET_FD, 3 [pid 6736] <... mkdir resumed>) = 0 [pid 6736] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6737] <... ioctl resumed>) = 0 [pid 6737] close(3) = 0 [ 347.066214][ T6736] loop3: detected capacity change from 0 to 4096 [ 347.099621][ T6737] loop0: detected capacity change from 0 to 4096 [pid 6737] mkdir("./file0", 0777) = 0 [ 347.140329][ T6736] NILFS (loop3): invalid segment: Checksum error in segment payload [pid 6737] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6728] <... sendfile resumed>) = 1048576 [pid 6728] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6728] exit_group(0) = ? [pid 6728] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6728, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5065] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [ 347.183690][ T6737] NILFS (loop0): invalid segment: Checksum error in segment payload [ 347.193319][ T6736] NILFS (loop3): trying rollback from an earlier position [ 347.214363][ T6737] NILFS (loop0): trying rollback from an earlier position [pid 5065] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./135/binderfs") = 0 [ 347.274124][ T6736] NILFS (loop3): recovery complete [pid 5065] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6736] <... mount resumed>) = 0 [pid 6736] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6736] chdir("./file0") = 0 [pid 6736] ioctl(4, LOOP_CLR_FD) = 0 [pid 6736] close(4) = 0 [pid 6736] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6736] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6736] ftruncate(5, 33587195) = 0 [ 347.316854][ T6738] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 347.330498][ T6737] NILFS (loop0): recovery complete [pid 6736] sendfile(4, 5, NULL, 281474978811909 [pid 6737] <... mount resumed>) = 0 [pid 6737] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6737] chdir("./file0") = 0 [pid 6737] ioctl(4, LOOP_CLR_FD) = 0 [pid 6737] close(4) = 0 [pid 6737] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6737] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6737] ftruncate(5, 33587195) = 0 [ 347.373411][ T6739] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6737] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./135/file0") = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./135") = 0 [pid 5065] mkdir("./136", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6740 ./strace-static-x86_64: Process 6740 attached [pid 6740] chdir("./136") = 0 [pid 6740] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6740] setpgid(0, 0) = 0 [pid 6740] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6740] write(3, "1000", 4) = 4 [pid 6740] close(3) = 0 [pid 6740] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6740] memfd_create("syzkaller", 0) = 3 [pid 6740] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6740] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6729] <... sendfile resumed>) = 1048576 [pid 6729] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6729] exit_group(0) = ? [pid 6729] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6729, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6740] <... write resumed>) = 2097152 [pid 5068] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./137/binderfs") = 0 [pid 5068] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6740] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6740] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6740] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6740] close(3) = 0 [pid 6740] mkdir("./file0", 0777) = 0 [ 347.791037][ T6740] loop1: detected capacity change from 0 to 4096 [pid 6740] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6732] <... sendfile resumed>) = 1048576 [pid 5068] <... umount2 resumed>) = 0 [pid 6732] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5068] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6732] exit_group(0 [pid 5068] getdents64(4, [pid 6732] <... exit_group resumed>) = ? [pid 5068] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 6732] +++ exited with 0 +++ [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./137/file0") = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6732, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5068] getdents64(3, [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5068] close(3) = 0 [ 347.891098][ T6740] NILFS (loop1): invalid segment: Checksum error in segment payload [ 347.902066][ T6740] NILFS (loop1): trying rollback from an earlier position [ 347.925804][ T6740] NILFS (loop1): recovery complete [pid 5068] rmdir("./137" [pid 6740] <... mount resumed>) = 0 [pid 5066] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6740] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... rmdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 6740] <... openat resumed>) = 3 [pid 5068] mkdir("./138", 0777 [pid 5066] fstat(3, [pid 6740] chdir("./file0" [pid 5066] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6740] <... chdir resumed>) = 0 [pid 5066] getdents64(3, [pid 6740] ioctl(4, LOOP_CLR_FD [pid 5068] <... mkdir resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 6740] <... ioctl resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6740] close(4 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6740] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5066] lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5066] unlink("./136/binderfs") = 0 [pid 5066] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6740] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6740] <... open resumed>) = 4 [pid 5068] close(3 [pid 6740] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... close resumed>) = 0 [pid 6740] <... open resumed>) = 5 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6740] ftruncate(5, 33587195) = 0 [pid 6740] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... clone resumed>, child_tidptr=0x555556c965d0) = 6742 ./strace-static-x86_64: Process 6742 attached [ 347.974696][ T6741] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6742] chdir("./138" [pid 6731] <... sendfile resumed>) = 1048576 [pid 6742] <... chdir resumed>) = 0 [pid 6731] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6742] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6731] <... open resumed>) = -1 EFAULT (Bad address) [pid 6742] <... prctl resumed>) = 0 [pid 6731] exit_group(0 [pid 6742] setpgid(0, 0 [pid 6731] <... exit_group resumed>) = ? [pid 6742] <... setpgid resumed>) = 0 [pid 6742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6731] +++ exited with 0 +++ [pid 6742] write(3, "1000", 4) = 4 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6731, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 6742] close(3 [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 6742] <... close resumed>) = 0 [pid 5069] <... restart_syscall resumed>) = 0 [pid 6742] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6742] memfd_create("syzkaller", 0 [pid 5069] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6742] <... memfd_create resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6742] <... mmap resumed>) = 0x7fc0314e0000 [pid 5069] <... openat resumed>) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./138/binderfs") = 0 [pid 5069] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6742] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6742] <... write resumed>) = 2097152 [pid 6742] munmap(0x7fc0314e0000, 2097152) = 0 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 6742] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] <... close resumed>) = 0 [pid 6742] <... openat resumed>) = 4 [pid 6742] ioctl(4, LOOP_SET_FD, 3 [pid 5066] rmdir("./136/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./136" [pid 6742] <... ioctl resumed>) = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 6742] close(3) = 0 [pid 5066] mkdir("./137", 0777 [pid 6742] mkdir("./file0", 0777 [pid 5069] <... umount2 resumed>) = 0 [pid 6742] <... mkdir resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [ 348.278553][ T6742] loop4: detected capacity change from 0 to 4096 [pid 6742] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5069] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] <... clone resumed>, child_tidptr=0x555556c965d0) = 6743 [pid 5069] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./138/file0"./strace-static-x86_64: Process 6743 attached ) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [ 348.341495][ T6742] NILFS (loop4): invalid segment: Checksum error in segment payload [pid 6743] chdir("./137" [pid 5069] <... close resumed>) = 0 [pid 6743] <... chdir resumed>) = 0 [pid 5069] rmdir("./138" [pid 6743] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... rmdir resumed>) = 0 [pid 6743] <... prctl resumed>) = 0 [pid 5069] mkdir("./139", 0777 [pid 6743] setpgid(0, 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6743] <... setpgid resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6743] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6743] <... openat resumed>) = 3 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6743] write(3, "1000", 4 [pid 5069] close(3 [pid 6743] <... write resumed>) = 4 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6743] close(3 [pid 5069] <... clone resumed>, child_tidptr=0x555556c965d0) = 6745 [pid 6743] <... close resumed>) = 0 [ 348.394309][ T6742] NILFS (loop4): trying rollback from an earlier position [ 348.414680][ T6742] NILFS (loop4): recovery complete [pid 6743] symlink("/dev/binderfs", "./binderfs" [pid 6742] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6745 attached [pid 6743] <... symlink resumed>) = 0 [pid 6745] chdir("./139" [pid 6742] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6743] memfd_create("syzkaller", 0 [pid 6745] <... chdir resumed>) = 0 [pid 6743] <... memfd_create resumed>) = 3 [pid 6742] <... openat resumed>) = 3 [pid 6745] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6742] chdir("./file0" [pid 6745] <... prctl resumed>) = 0 [pid 6743] <... mmap resumed>) = 0x7fc0314e0000 [pid 6742] <... chdir resumed>) = 0 [pid 6745] setpgid(0, 0) = 0 [pid 6745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6745] write(3, "1000", 4) = 4 [pid 6745] close(3 [pid 6742] ioctl(4, LOOP_CLR_FD [pid 6745] <... close resumed>) = 0 [pid 6742] <... ioctl resumed>) = 0 [pid 6745] symlink("/dev/binderfs", "./binderfs" [pid 6742] close(4 [pid 6745] <... symlink resumed>) = 0 [pid 6742] <... close resumed>) = 0 [pid 6745] memfd_create("syzkaller", 0) = 3 [pid 6745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6742] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6745] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6742] <... open resumed>) = 4 [ 348.456586][ T6744] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6742] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [pid 6742] ftruncate(5, 33587195) = 0 [pid 6742] sendfile(4, 5, NULL, 281474978811909 [pid 6737] <... sendfile resumed>) = 1048576 [pid 6736] <... sendfile resumed>) = 1048576 [pid 6743] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6737] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6736] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY [pid 6737] <... open resumed>) = -1 EFAULT (Bad address) [pid 6737] exit_group(0) = ? [pid 6737] +++ exited with 0 +++ [pid 6736] <... open resumed>) = -1 EFAULT (Bad address) [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6737, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 6736] exit_group(0 [pid 5064] restart_syscall(<... resuming interrupted clone ...> [pid 6736] <... exit_group resumed>) = ? [pid 5064] <... restart_syscall resumed>) = 0 [pid 6736] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6736, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5064] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... openat resumed>) = 3 [pid 5067] <... openat resumed>) = 3 [pid 5064] fstat(3, [pid 5067] fstat(3, [pid 5064] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] getdents64(3, [pid 5067] getdents64(3, [pid 5064] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] <... getdents64 resumed>0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5067] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] lstat("./138/binderfs", [pid 5064] lstat("./136/binderfs", [pid 5067] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] unlink("./138/binderfs" [pid 5064] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5064] unlink("./136/binderfs" [pid 5067] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... unlink resumed>) = 0 [pid 5064] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6743] <... write resumed>) = 2097152 [pid 6743] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6743] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6743] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6743] close(3) = 0 [pid 6743] mkdir("./file0", 0777) = 0 [pid 6743] mount("/dev/loop2", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6745] <... write resumed>) = 2097152 [pid 5067] <... umount2 resumed>) = 0 [pid 6745] munmap(0x7fc0314e0000, 2097152 [ 348.656170][ T6743] loop2: detected capacity change from 0 to 4096 [pid 5067] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6745] <... munmap resumed>) = 0 [pid 6745] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6745] <... openat resumed>) = 4 [pid 5067] lstat("./138/file0", [pid 6745] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6745] <... ioctl resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6745] close(3 [pid 5067] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6745] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 6745] mkdir("./file0", 0777) = 0 [pid 5067] fstat(4, [pid 6745] mount("/dev/loop5", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5067] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./138/file0") = 0 [pid 5067] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./138") = 0 [ 348.739272][ T6743] NILFS (loop2): invalid segment: Checksum error in segment payload [ 348.752942][ T6745] loop5: detected capacity change from 0 to 4096 [ 348.761438][ T6743] NILFS (loop2): trying rollback from an earlier position [ 348.778331][ T6743] NILFS (loop2): recovery complete [pid 5067] mkdir("./139", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6743] <... mount resumed>) = 0 [pid 6743] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5067] <... clone resumed>, child_tidptr=0x555556c965d0) = 6747 [pid 6743] <... openat resumed>) = 3 [pid 5064] <... umount2 resumed>) = 0 [pid 6743] chdir("./file0") = 0 [pid 6743] ioctl(4, LOOP_CLR_FD) = 0 [pid 6743] close(4 [pid 5064] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6747 attached [pid 6743] <... close resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5064] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6743] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6743] <... open resumed>) = 4 [pid 5064] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./136/file0" [pid 6743] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, [pid 6743] <... open resumed>) = 5 [pid 5064] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./136" [pid 6743] ftruncate(5, 33587195 [pid 5064] <... rmdir resumed>) = 0 [pid 6743] <... ftruncate resumed>) = 0 [pid 5064] mkdir("./137", 0777 [pid 6743] sendfile(4, 5, NULL, 281474978811909 [pid 5064] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6748 [pid 6747] chdir("./139") = 0 [ 348.832479][ T6745] NILFS (loop5): invalid segment: Checksum error in segment payload [ 348.840732][ T6745] NILFS (loop5): trying rollback from an earlier position [ 348.857926][ T6746] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds ./strace-static-x86_64: Process 6748 attached [pid 6747] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6748] chdir("./137" [pid 6747] <... prctl resumed>) = 0 [pid 6748] <... chdir resumed>) = 0 [pid 6747] setpgid(0, 0 [pid 6745] <... mount resumed>) = 0 [pid 6748] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6747] <... setpgid resumed>) = 0 [pid 6745] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6748] <... prctl resumed>) = 0 [pid 6747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6745] <... openat resumed>) = 3 [pid 6748] setpgid(0, 0 [pid 6747] <... openat resumed>) = 3 [pid 6745] chdir("./file0" [pid 6748] <... setpgid resumed>) = 0 [pid 6747] write(3, "1000", 4 [pid 6745] <... chdir resumed>) = 0 [pid 6748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6747] <... write resumed>) = 4 [pid 6745] ioctl(4, LOOP_CLR_FD [pid 6748] <... openat resumed>) = 3 [pid 6747] close(3 [pid 6745] <... ioctl resumed>) = 0 [pid 6748] write(3, "1000", 4 [pid 6747] <... close resumed>) = 0 [pid 6745] close(4 [pid 6748] <... write resumed>) = 4 [pid 6747] symlink("/dev/binderfs", "./binderfs" [pid 6745] <... close resumed>) = 0 [pid 6748] close(3 [pid 6747] <... symlink resumed>) = 0 [pid 6745] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6748] <... close resumed>) = 0 [pid 6747] memfd_create("syzkaller", 0 [pid 6745] <... open resumed>) = 4 [ 348.924040][ T6745] NILFS (loop5): recovery complete [ 348.935703][ T6749] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6748] symlink("/dev/binderfs", "./binderfs" [pid 6747] <... memfd_create resumed>) = 3 [pid 6745] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6748] <... symlink resumed>) = 0 [pid 6747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6745] <... open resumed>) = 5 [pid 6748] memfd_create("syzkaller", 0 [pid 6747] <... mmap resumed>) = 0x7fc0314e0000 [pid 6745] ftruncate(5, 33587195 [pid 6748] <... memfd_create resumed>) = 3 [pid 6747] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6745] <... ftruncate resumed>) = 0 [pid 6748] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6745] sendfile(4, 5, NULL, 281474978811909 [pid 6748] <... mmap resumed>) = 0x7fc0314e0000 [pid 6748] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 6740] <... sendfile resumed>) = 1048576 [pid 6740] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6740] exit_group(0) = ? [pid 6740] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6740, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5065] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5065] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5065] unlink("./136/binderfs") = 0 [pid 5065] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6747] <... write resumed>) = 2097152 [pid 6747] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6747] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6748] <... write resumed>) = 2097152 [pid 6748] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6748] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6748] ioctl(4, LOOP_SET_FD, 3 [pid 6747] <... openat resumed>) = 4 [pid 6747] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6747] close(3) = 0 [pid 6747] mkdir("./file0", 0777) = 0 [pid 6747] mount("/dev/loop3", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 6748] <... ioctl resumed>) = 0 [pid 6748] close(3) = 0 [pid 6748] mkdir("./file0", 0777) = 0 [ 349.179293][ T6747] loop3: detected capacity change from 0 to 4096 [ 349.197630][ T6748] loop0: detected capacity change from 0 to 4096 [ 349.264843][ T6747] NILFS (loop3): invalid segment: Checksum error in segment payload [ 349.268768][ T6748] NILFS (loop0): invalid segment: Checksum error in segment payload [ 349.295838][ T6747] NILFS (loop3): trying rollback from an earlier position [pid 6748] mount("/dev/loop0", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 349.327961][ T6748] NILFS (loop0): trying rollback from an earlier position [ 349.340941][ T6747] NILFS (loop3): recovery complete [ 349.356252][ T6748] NILFS (loop0): recovery complete [pid 5065] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6747] <... mount resumed>) = 0 [pid 5065] getdents64(4, [pid 6747] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6748] <... mount resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6747] <... openat resumed>) = 3 [pid 6748] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6747] chdir("./file0" [pid 5065] getdents64(4, [pid 6748] <... openat resumed>) = 3 [pid 6747] <... chdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6748] chdir("./file0" [pid 6747] ioctl(4, LOOP_CLR_FD [pid 5065] close(4 [pid 6748] <... chdir resumed>) = 0 [pid 6747] <... ioctl resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6747] close(4 [pid 5065] rmdir("./136/file0" [pid 6748] ioctl(4, LOOP_CLR_FD [pid 6747] <... close resumed>) = 0 [pid 6748] <... ioctl resumed>) = 0 [pid 6747] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... rmdir resumed>) = 0 [pid 6748] close(4) = 0 [pid 5065] getdents64(3, [pid 6748] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 6747] <... open resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./136" [pid 6748] <... open resumed>) = 4 [pid 6747] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... rmdir resumed>) = 0 [pid 6748] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6747] <... open resumed>) = 5 [pid 6748] <... open resumed>) = 5 [pid 6748] ftruncate(5, 33587195 [pid 6747] ftruncate(5, 33587195 [pid 5065] mkdir("./137", 0777 [pid 6748] <... ftruncate resumed>) = 0 [pid 5065] <... mkdir resumed>) = 0 [ 349.381639][ T6751] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 349.395763][ T6750] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 6748] sendfile(4, 5, NULL, 281474978811909 [pid 6747] <... ftruncate resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6747] sendfile(4, 5, NULL, 281474978811909 [pid 5065] <... openat resumed>) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6752 attached , child_tidptr=0x555556c965d0) = 6752 [pid 6752] chdir("./137") = 0 [pid 6752] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6752] setpgid(0, 0) = 0 [pid 6752] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6752] write(3, "1000", 4) = 4 [pid 6752] close(3) = 0 [pid 6752] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6752] memfd_create("syzkaller", 0) = 3 [pid 6752] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [pid 6752] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152 [pid 6752] munmap(0x7fc0314e0000, 2097152) = 0 [pid 6752] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6742] <... sendfile resumed>) = 1048576 [pid 6742] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6742] exit_group(0) = ? [pid 6752] <... openat resumed>) = 4 [pid 6742] +++ exited with 0 +++ [pid 6752] ioctl(4, LOOP_SET_FD, 3 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6742, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 6752] <... ioctl resumed>) = 0 [pid 6752] close(3 [pid 5068] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6752] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 6752] mkdir("./file0", 0777 [pid 5068] fstat(3, [pid 6752] <... mkdir resumed>) = 0 [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 6752] mount("/dev/loop1", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5068] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./138/binderfs") = 0 [ 349.623105][ T6750] ------------[ cut here ]------------ [ 349.646383][ T6750] WARNING: CPU: 1 PID: 6750 at fs/nilfs2/btree.c:2282 nilfs_btree_assign+0xa9f/0xd10 [ 349.656679][ T6752] loop1: detected capacity change from 0 to 4096 [ 349.664577][ T6750] Modules linked in: [ 349.709453][ T6750] CPU: 0 PID: 6750 Comm: segctord Not tainted 6.2.0-rc8-syzkaller-00015-gf6feea56f66d #0 [ 349.720375][ T6750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 349.721922][ T6752] NILFS (loop1): invalid segment: Checksum error in segment payload [ 349.730704][ T6750] RIP: 0010:nilfs_btree_assign+0xa9f/0xd10 [ 349.750797][ T6752] NILFS (loop1): trying rollback from an earlier position [pid 5068] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6752] <... mount resumed>) = 0 [pid 6752] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6752] chdir("./file0") = 0 [pid 6752] ioctl(4, LOOP_CLR_FD) = 0 [pid 6752] close(4) = 0 [pid 6752] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6752] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5 [ 349.781014][ T6752] NILFS (loop1): recovery complete [ 349.794338][ T6750] Code: 00 0f 85 81 02 00 00 44 89 f0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bd 8c 3b fe 4c 8b 7c 24 38 eb a6 e8 b1 8c 3b fe <0f> 0b 41 be fe ff ff ff eb 97 44 89 f1 80 e1 07 80 c1 03 38 c1 0f [ 349.824338][ T6750] RSP: 0018:ffffc9000b117580 EFLAGS: 00010293 [pid 6752] ftruncate(5, 33587195) = 0 [pid 6752] sendfile(4, 5, NULL, 281474978811909 [pid 5068] <... umount2 resumed>) = 0 [ 349.872644][ T6753] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 349.889531][ T6750] RAX: ffffffff8350459f RBX: ffff8880738eccf8 RCX: ffff888022d03a80 [ 349.900510][ T6750] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: 00000000fffffffe [ 349.910490][ T6750] RBP: ffffc9000b1176b0 R08: ffffffff83503efb R09: ffffed100ca8d075 [pid 5068] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(4, 0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [ 349.972443][ T6750] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [pid 5068] rmdir("./138/file0" [pid 6743] <... sendfile resumed>) = 1048576 [pid 5068] <... rmdir resumed>) = 0 [pid 6743] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 5068] getdents64(3, [pid 6743] exit_group(0) = ? [pid 6743] +++ exited with 0 +++ [pid 5068] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./138") = 0 [pid 5068] mkdir("./139", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6743, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=32 /* 0.32 s */} --- [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6754 ./strace-static-x86_64: Process 6754 attached [pid 6754] chdir("./139") = 0 [pid 6754] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6754] setpgid(0, 0) = 0 [pid 6754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6754] write(3, "1000", 4) = 4 [pid 6754] close(3) = 0 [pid 6754] symlink("/dev/binderfs", "./binderfs" [pid 5066] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6754] <... symlink resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6754] memfd_create("syzkaller", 0) = 3 [pid 5066] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 350.014111][ T6750] R13: ffff88807ccc3480 R14: 00000000fffffffe R15: 1ffff92001622ec0 [ 350.025093][ T6750] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 350.034973][ T6750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 350.042357][ T6750] CR2: 0000555556ca7668 CR3: 000000002a645000 CR4: 00000000003506e0 [ 350.051385][ T6750] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [pid 6754] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... openat resumed>) = 3 [pid 6754] <... mmap resumed>) = 0x7fc0314e0000 [pid 5066] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5066] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6754] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5066] lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 350.103096][ T6750] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 350.111297][ T6750] Call Trace: [ 350.114636][ T6750] [ 350.117793][ T6750] ? read_lock_is_recursive+0x20/0x20 [pid 5066] unlink("./137/binderfs") = 0 [ 350.123775][ T6750] ? nilfs_btree_lookup_dirty_buffers+0xfd0/0xfd0 [ 350.180501][ T6750] ? __up_read+0x670/0x670 [ 350.185029][ T6750] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [pid 5066] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6745] <... sendfile resumed>) = 1048576 [pid 6745] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [ 350.203624][ T6750] nilfs_bmap_assign+0x8b/0x160 [pid 6745] exit_group(0) = ? [pid 6745] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6745, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] getdents64(3, 0x555556c97620 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] unlink("./139/binderfs") = 0 [pid 5069] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6754] <... write resumed>) = 2097152 [pid 6754] munmap(0x7fc0314e0000, 2097152) = 0 [ 350.225539][ T6750] nilfs_segctor_do_construct+0x3a11/0x6f70 [ 350.231891][ T6750] ? nilfs_transaction_unlock+0x210/0x210 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6754] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6754] <... openat resumed>) = 4 [pid 6754] ioctl(4, LOOP_SET_FD, 3 [pid 5066] lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] getdents64(4, [pid 6754] <... ioctl resumed>) = 0 [pid 6754] close(3) = 0 [pid 6754] mkdir("./file0", 0777 [pid 5066] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./137/file0") = 0 [pid 5066] getdents64(3, 0x555556c97620 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 6754] <... mkdir resumed>) = 0 [ 350.278933][ T6750] ? nilfs_segctor_confirm+0x24c/0x2d0 [ 350.292403][ T6750] ? rcu_read_lock_sched_held+0x8d/0x130 [ 350.306115][ T6750] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 350.307004][ T6754] loop4: detected capacity change from 0 to 4096 [ 350.315929][ T6750] ? nilfs_segctor_confirm+0x24c/0x2d0 [pid 6754] mount("/dev/loop4", "./file0", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./137") = 0 [pid 5066] mkdir("./138", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6755 ./strace-static-x86_64: Process 6755 attached [ 350.349589][ T6750] ? __lock_acquire+0x1f80/0x1f80 [ 350.354745][ T6750] ? do_raw_spin_unlock+0x13b/0x8b0 [pid 6755] chdir("./138") = 0 [pid 6755] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6755] setpgid(0, 0) = 0 [pid 6755] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6755] write(3, "1000", 4) = 4 [pid 6755] close(3) = 0 [pid 6755] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6755] memfd_create("syzkaller", 0) = 3 [pid 6755] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0314e0000 [ 350.404420][ T6750] ? _raw_spin_unlock+0x28/0x40 [ 350.416676][ T6750] ? nilfs_segctor_confirm+0x24c/0x2d0 [ 350.427210][ T6754] NILFS (loop4): invalid segment: Checksum error in segment payload [ 350.431901][ T6750] nilfs_segctor_construct+0x145/0x8c0 [ 350.456540][ T6750] nilfs_segctor_thread+0x53a/0x1140 [ 350.464687][ T6754] NILFS (loop4): trying rollback from an earlier position [ 350.484561][ T6750] ? nilfs_construction_timeout+0x40/0x40 [pid 6755] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5069] <... umount2 resumed>) = 0 [pid 6747] <... sendfile resumed>) = 1048576 [pid 6747] open(NULL, O_RDONLY|O_NOCTTY|O_APPEND|O_DSYNC|O_NOFOLLOW|O_DIRECTORY) = -1 EFAULT (Bad address) [pid 6747] exit_group(0 [pid 6755] <... write resumed>) = 2097152 [pid 6747] <... exit_group resumed>) = ? [pid 6755] munmap(0x7fc0314e0000, 2097152 [pid 6747] +++ exited with 0 +++ [pid 5069] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./139/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5069] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6747, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 6755] <... munmap resumed>) = 0 [pid 6754] <... mount resumed>) = 0 [pid 5069] getdents64(4, [ 350.525667][ T6750] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 350.549592][ T6754] NILFS (loop4): recovery complete [ 350.559758][ T6750] ? _raw_spin_unlock+0x40/0x40 [ 350.564714][ T6750] ? wake_bit_function+0x220/0x220 [pid 6754] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 2 entries */, 32768) = 48 [pid 6754] <... openat resumed>) = 3 [pid 5069] getdents64(4, [pid 6754] chdir("./file0" [pid 5069] <... getdents64 resumed>0x555556c9f660 /* 0 entries */, 32768) = 0 [pid 6754] <... chdir resumed>) = 0 [pid 5069] close(4 [pid 6754] ioctl(4, LOOP_CLR_FD [pid 5069] <... close resumed>) = 0 [pid 6754] <... ioctl resumed>) = 0 [pid 5069] rmdir("./139/file0" [pid 6754] close(4 [pid 5069] <... rmdir resumed>) = 0 [pid 6755] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6754] <... close resumed>) = 0 [pid 5069] getdents64(3, [pid 6754] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... getdents64 resumed>0x555556c97620 /* 0 entries */, 32768) = 0 [pid 6755] <... openat resumed>) = 4 [pid 6754] <... open resumed>) = 4 [pid 5069] close(3 [pid 6754] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... close resumed>) = 0 [ 350.578482][ T6750] ? _raw_spin_unlock+0x40/0x40 [ 350.585971][ T6750] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0 [ 350.594261][ T6750] ? __kthread_parkme+0x164/0x1c0 [ 350.594425][ T6756] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 350.612502][ T6750] kthread+0x270/0x300 [ 350.616991][ T6750] ? nilfs_construction_timeout+0x40/0x40 [ 350.622975][ T6750] ? kthread_blkcg+0xd0/0xd0 [pid 6755] ioctl(4, LOOP_SET_FD, 3 [pid 6754] <... open resumed>) = 5 [pid 5069] rmdir("./139" [pid 5067] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6754] ftruncate(5, 33587195 [pid 5069] <... rmdir resumed>) = 0 [pid 6754] <... ftruncate resumed>) = 0 [pid 5069] mkdir("./140", 0777 [pid 6754] sendfile(4, 5, NULL, 281474978811909 [pid 5069] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c965d0) = 6757 [ 350.628203][ T6750] ret_from_fork+0x1f/0x30 [ 350.633801][ T6750] [ 350.637962][ T6750] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 350.645321][ T6750] CPU: 1 PID: 6750 Comm: segctord Not tainted 6.2.0-rc8-syzkaller-00015-gf6feea56f66d #0 [ 350.655254][ T6750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 350.665374][ T6750] Call Trace: [ 350.668698][ T6750] [ 350.671679][ T6750] dump_stack_lvl+0x1e7/0x2d0 [ 350.676450][ T6750] ? nf_tcp_handle_invalid+0x640/0x640 [ 350.681978][ T6750] ? panic+0x770/0x770 [ 350.686116][ T6750] ? vscnprintf+0x5d/0x80 [ 350.690526][ T6750] panic+0x31c/0x770 [ 350.694498][ T6750] ? __warn+0x16c/0x5f0 [ 350.698792][ T6750] ? memcpy_page_flushcache+0x100/0x100 [ 350.704409][ T6750] ? ret_from_fork+0x1f/0x30 [ 350.709071][ T6750] __warn+0x419/0x5f0 [ 350.713105][ T6750] ? nilfs_btree_assign+0xa9f/0xd10 [ 350.718366][ T6750] ? nilfs_btree_assign+0xa9f/0xd10 [ 350.723623][ T6750] report_bug+0x1bd/0x2d0 [ 350.728094][ T6750] handle_bug+0x3d/0x70 [ 350.732306][ T6750] exc_invalid_op+0x1a/0x50 [ 350.736874][ T6750] asm_exc_invalid_op+0x1a/0x20 [ 350.741857][ T6750] RIP: 0010:nilfs_btree_assign+0xa9f/0xd10 [ 350.747728][ T6750] Code: 00 0f 85 81 02 00 00 44 89 f0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bd 8c 3b fe 4c 8b 7c 24 38 eb a6 e8 b1 8c 3b fe <0f> 0b 41 be fe ff ff ff eb 97 44 89 f1 80 e1 07 80 c1 03 38 c1 0f [ 350.767394][ T6750] RSP: 0018:ffffc9000b117580 EFLAGS: 00010293 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 350.773517][ T6750] RAX: ffffffff8350459f RBX: ffff8880738eccf8 RCX: ffff888022d03a80 [ 350.781537][ T6750] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: 00000000fffffffe [ 350.789555][ T6750] RBP: ffffc9000b1176b0 R08: ffffffff83503efb R09: ffffed100ca8d075 [ 350.797578][ T6750] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 350.805609][ T6750] R13: ffff88807ccc3480 R14: 00000000fffffffe R15: 1ffff92001622ec0 [ 350.813652][ T6750] ? nilfs_btree_assign+0x3fb/0xd10 [ 350.818923][ T6750] ? nilfs_btree_assign+0xa9f/0xd10 [ 350.824202][ T6750] ? read_lock_is_recursive+0x20/0x20 [ 350.829654][ T6750] ? nilfs_btree_lookup_dirty_buffers+0xfd0/0xfd0 [ 350.836136][ T6750] ? __up_read+0x670/0x670 [ 350.840610][ T6750] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 350.846666][ T6750] nilfs_bmap_assign+0x8b/0x160 [ 350.851577][ T6750] nilfs_segctor_do_construct+0x3a11/0x6f70 [ 350.857617][ T6750] ? nilfs_transaction_unlock+0x210/0x210 [ 350.863396][ T6750] ? nilfs_segctor_confirm+0x24c/0x2d0 [ 350.868908][ T6750] ? rcu_read_lock_sched_held+0x8d/0x130 [ 350.874603][ T6750] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 350.880670][ T6750] ? nilfs_segctor_confirm+0x24c/0x2d0 [ 350.886182][ T6750] ? __lock_acquire+0x1f80/0x1f80 [ 350.891278][ T6750] ? do_raw_spin_unlock+0x13b/0x8b0 [ 350.896553][ T6750] ? _raw_spin_unlock+0x28/0x40 [ 350.901459][ T6750] ? nilfs_segctor_confirm+0x24c/0x2d0 [ 350.906973][ T6750] nilfs_segctor_construct+0x145/0x8c0 [ 350.912501][ T6750] nilfs_segctor_thread+0x53a/0x1140 [ 350.917883][ T6750] ? nilfs_construction_timeout+0x40/0x40 [ 350.923661][ T6750] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 350.929618][ T6750] ? _raw_spin_unlock+0x40/0x40 [ 350.934529][ T6750] ? wake_bit_function+0x220/0x220 [ 350.936115][ T6755] loop2: detected capacity change from 0 to 4096 [ 350.946049][ T6750] ? _raw_spin_unlock+0x40/0x40 [ 350.950957][ T6750] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0 [ 350.957187][ T6750] ? __kthread_parkme+0x164/0x1c0 [ 350.960263][ T6755] NILFS (loop2): invalid segment: Checksum error in segment payload [ 350.960292][ T6755] NILFS (loop2): trying rollback from an earlier position [ 350.977514][ T6750] kthread+0x270/0x300 [ 350.981641][ T6750] ? nilfs_construction_timeout+0x40/0x40 [ 350.987423][ T6750] ? kthread_blkcg+0xd0/0xd0 [ 350.989193][ T6755] NILFS (loop2): recovery complete [ 350.997206][ T6750] ret_from_fork+0x1f/0x30 [ 351.001720][ T6750] [ 351.004951][ T6750] Kernel Offset: disabled [ 351.009402][ T6750] Rebooting in 86400 seconds..