./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor860532986 <...> Warning: Permanently added '10.128.1.188' (ED25519) to the list of known hosts. execve("./syz-executor860532986", ["./syz-executor860532986"], 0x7ffcd374cec0 /* 10 vars */) = 0 brk(NULL) = 0x55555b716000 brk(0x55555b716e00) = 0x55555b716e00 arch_prctl(ARCH_SET_FS, 0x55555b716480) = 0 set_tid_address(0x55555b716750) = 305 set_robust_list(0x55555b716760, 24) = 0 rseq(0x55555b716da0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor860532986", 4096) = 27 getrandom("\xee\xbd\xef\x17\xab\xda\x6b\x3c", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555b716e00 brk(0x55555b737e00) = 0x55555b737e00 brk(0x55555b738000) = 0x55555b738000 mprotect(0x7f537f4d7000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 306 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "306", 3) = 3 close(3) = 0 kill(306, SIGKILL) = 0 ./strace-static-x86_64: Process 306 attached [pid 306] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=306, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f537f416d30, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f537f416d30, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 307 attached , child_tidptr=0x55555b716750) = 307 [pid 305] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 308 [pid 305] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 307] set_robust_list(0x55555b716760, 24 [pid 305] <... clone resumed>, child_tidptr=0x55555b716750) = 309 [pid 305] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 307] <... set_robust_list resumed>) = 0 [pid 305] <... clone resumed>, child_tidptr=0x55555b716750) = 310 [pid 305] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 311 ./strace-static-x86_64: Process 309 attached [pid 309] set_robust_list(0x55555b716760, 24) = 0 [pid 309] mkdir("./syzkaller.Jzdtcv", 0700 [pid 307] mkdir("./syzkaller.pRDLdv", 0700./strace-static-x86_64: Process 310 attached [pid 309] <... mkdir resumed>) = 0 [pid 309] chmod("./syzkaller.Jzdtcv", 0777) = 0 [pid 309] chdir("./syzkaller.Jzdtcv") = 0 [pid 309] mkdir("./0", 0777) = 0 [ 40.001198][ T24] audit: type=1400 audit(1743587961.440:66): avc: denied { execmem } for pid=305 comm="syz-executor860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program ) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 308 attached [pid 308] set_robust_list(0x55555b716760, 24) = 0 [pid 308] mkdir("./syzkaller.qoNSkA", 0700 [pid 309] <... clone resumed>, child_tidptr=0x55555b716750) = 313 ./strace-static-x86_64: Process 313 attached [pid 313] set_robust_list(0x55555b716760, 24) = 0 [pid 313] chdir("./0") = 0 [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 313] setpgid(0, 0) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 313] close(3) = 0 [pid 313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 313] write(1, "executing program\n", 18) = 18 [pid 313] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 313] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 313] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 313] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 313] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 313] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 313] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[314]}, 88) = 314 [pid 313] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 313] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 313] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 311 attached [pid 311] set_robust_list(0x55555b716760, 24) = 0 [pid 311] mkdir("./syzkaller.aBabPZ", 0700 [pid 310] set_robust_list(0x55555b716760, 24) = 0 [pid 310] mkdir("./syzkaller.ZKGEsY", 0700 [pid 308] <... mkdir resumed>) = 0 [pid 308] chmod("./syzkaller.qoNSkA", 0777) = 0 [pid 308] chdir("./syzkaller.qoNSkA") = 0 [pid 308] mkdir("./0", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 315 [pid 307] <... mkdir resumed>) = 0 [pid 307] chmod("./syzkaller.pRDLdv", 0777) = 0 [pid 307] chdir("./syzkaller.pRDLdv") = 0 [pid 307] mkdir("./0", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 ./strace-static-x86_64: Process 314 attached [pid 311] <... mkdir resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 315 attached [pid 314] set_robust_list(0x7f537f40c9a0, 24 [pid 311] chmod("./syzkaller.aBabPZ", 0777) = 0 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 316 [pid 311] chdir("./syzkaller.aBabPZ" [pid 315] set_robust_list(0x55555b716760, 24 [pid 311] <... chdir resumed>) = 0 [pid 315] <... set_robust_list resumed>) = 0 [pid 314] <... set_robust_list resumed>) = 0 [pid 311] mkdir("./0", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 315] chdir("./0" [pid 314] rt_sigprocmask(SIG_SETMASK, [], [pid 311] <... openat resumed>) = 3 [pid 311] ioctl(3, LOOP_CLR_FD [pid 315] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 316 attached executing program [pid 314] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 310] <... mkdir resumed>) = 0 [pid 310] chmod("./syzkaller.ZKGEsY", 0777) = 0 [pid 310] chdir("./syzkaller.ZKGEsY") = 0 [pid 310] mkdir("./0", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 318 [pid 316] set_robust_list(0x55555b716760, 24) = 0 [pid 316] chdir("./0") = 0 [pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 316] setpgid(0, 0) = 0 [pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 316] write(3, "1000", 4) = 4 [pid 316] close(3) = 0 [pid 316] symlink("/dev/binderfs", "./binderfs") = 0 [pid 316] write(1, "executing program\n", 18) = 18 [pid 316] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 316] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 316] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 316] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 316] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 316] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 316] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[319]}, 88) = 319 [pid 316] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 316] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 316] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 314] memfd_create("syzkaller", 0) = 3 [pid 314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 315] <... prctl resumed>) = 0 [pid 311] close(3 [pid 315] setpgid(0, 0 [pid 311] <... close resumed>) = 0 [pid 315] <... setpgid resumed>) = 0 [pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 319 attached ./strace-static-x86_64: Process 318 attached [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 315] <... openat resumed>) = 3 [pid 315] write(3, "1000", 4) = 4 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 320 [pid 315] close(3) = 0 [pid 315] symlink("/dev/binderfs", "./binderfs" [pid 318] set_robust_list(0x55555b716760, 24 [pid 315] <... symlink resumed>) = 0 [pid 318] <... set_robust_list resumed>) = 0 [pid 319] set_robust_list(0x7f537f40c9a0, 24 [pid 315] write(1, "executing program\n", 18executing program ) = 18 [pid 315] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 315] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, ./strace-static-x86_64: Process 320 attached [pid 319] <... set_robust_list resumed>) = 0 [pid 318] chdir("./0" [pid 315] <... rt_sigaction resumed>NULL, 8) = 0 [pid 315] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 318] <... chdir resumed>) = 0 [pid 315] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 315] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 319] rt_sigprocmask(SIG_SETMASK, [], [pid 315] <... mmap resumed>) = 0x7f537f3ec000 [pid 318] <... prctl resumed>) = 0 [pid 319] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 320] set_robust_list(0x55555b716760, 24 [pid 318] setpgid(0, 0 [pid 315] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 319] memfd_create("syzkaller", 0 [pid 320] <... set_robust_list resumed>) = 0 [pid 318] <... setpgid resumed>) = 0 [pid 315] <... mprotect resumed>) = 0 [pid 320] chdir("./0" [pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 315] rt_sigprocmask(SIG_BLOCK, ~[], [pid 318] <... openat resumed>) = 3 [pid 315] <... rt_sigprocmask resumed>[], 8) = 0 [pid 320] <... chdir resumed>) = 0 [pid 319] <... memfd_create resumed>) = 3 [pid 318] write(3, "1000", 4 [pid 315] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 318] <... write resumed>) = 4 [pid 315] <... clone3 resumed> => {parent_tid=[321]}, 88) = 321 [pid 320] <... prctl resumed>) = 0 [pid 319] <... mmap resumed>) = 0x7f5376fec000 [pid 318] close(3 [pid 315] rt_sigprocmask(SIG_SETMASK, [], [pid 320] setpgid(0, 0) = 0 [pid 318] <... close resumed>) = 0 [pid 315] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 318] symlink("/dev/binderfs", "./binderfs" [pid 315] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 318] <... symlink resumed>) = 0 [pid 315] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 320] <... openat resumed>) = 3 [pid 318] write(1, "executing program\n", 18executing program [pid 320] write(3, "1000", 4 [pid 318] <... write resumed>) = 18 [pid 320] <... write resumed>) = 4 [pid 318] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 320] close(3) = 0 [pid 318] <... futex resumed>) = 0 [pid 320] symlink("/dev/binderfs", "./binderfs" [pid 318] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 320] <... symlink resumed>) = 0 [pid 318] <... rt_sigaction resumed>NULL, 8) = 0 executing program [pid 320] write(1, "executing program\n", 18 [pid 318] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 320] <... write resumed>) = 18 [pid 318] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 320] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 318] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 320] <... futex resumed>) = 0 ./strace-static-x86_64: Process 321 attached [pid 320] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 318] <... mmap resumed>) = 0x7f537f3ec000 [pid 321] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 321] rt_sigprocmask(SIG_SETMASK, [], [pid 320] <... rt_sigaction resumed>NULL, 8) = 0 [pid 318] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 321] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 320] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 318] <... mprotect resumed>) = 0 [pid 320] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 318] rt_sigprocmask(SIG_BLOCK, ~[], [pid 320] <... mmap resumed>) = 0x7f537f3ec000 [pid 320] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 318] <... rt_sigprocmask resumed>[], 8) = 0 [pid 320] <... mprotect resumed>) = 0 [pid 321] memfd_create("syzkaller", 0 [pid 320] rt_sigprocmask(SIG_BLOCK, ~[], [pid 318] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 320] <... rt_sigprocmask resumed>[], 8) = 0 [pid 320] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 318] <... clone3 resumed> => {parent_tid=[322]}, 88) = 322 [pid 321] <... memfd_create resumed>) = 3 [pid 318] rt_sigprocmask(SIG_SETMASK, [], [pid 320] <... clone3 resumed> => {parent_tid=[323]}, 88) = 323 [pid 318] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 320] rt_sigprocmask(SIG_SETMASK, [], [pid 318] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 320] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 318] <... futex resumed>) = 0 [pid 321] <... mmap resumed>) = 0x7f5376fec000 [pid 320] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 318] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 320] <... futex resumed>) = 0 [ 40.029677][ T24] audit: type=1400 audit(1743587961.470:67): avc: denied { read write } for pid=309 comm="syz-executor860" name="loop2" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 40.062848][ T24] audit: type=1400 audit(1743587961.470:68): avc: denied { open } for pid=309 comm="syz-executor860" path="/dev/loop2" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 320] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 323 attached [pid 323] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 323] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 323] memfd_create("syzkaller", 0) = 3 [pid 323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 322 attached [pid 322] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 322] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 322] memfd_create("syzkaller", 0) = 3 [pid 322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 40.116648][ T24] audit: type=1400 audit(1743587961.470:69): avc: denied { ioctl } for pid=309 comm="syz-executor860" path="/dev/loop2" dev="devtmpfs" ino=113 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 314] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 314] <... write resumed>) = 20699119 [pid 314] munmap(0x7f5376fec000, 138412032) = 0 [pid 314] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 319] <... write resumed>) = 20699119 [pid 314] <... openat resumed>) = 4 [pid 314] ioctl(4, LOOP_SET_FD, 3 [pid 319] munmap(0x7f5376fec000, 138412032 [pid 314] <... ioctl resumed>) = 0 [pid 314] close(3) = 0 [pid 314] close(4) = 0 [pid 314] mkdir("./file0", 0777) = 0 [pid 314] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 323] <... write resumed>) = 20699119 [pid 322] <... write resumed>) = 20699119 [pid 321] <... write resumed>) = 20699119 [pid 319] <... munmap resumed>) = 0 [pid 323] munmap(0x7f5376fec000, 138412032 [pid 321] munmap(0x7f5376fec000, 138412032 [pid 319] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 322] munmap(0x7f5376fec000, 138412032) = 0 [pid 322] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 322] ioctl(4, LOOP_SET_FD, 3 [pid 323] <... munmap resumed>) = 0 [pid 323] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 321] <... munmap resumed>) = 0 [pid 319] <... openat resumed>) = 4 [pid 322] <... ioctl resumed>) = 0 [pid 323] <... openat resumed>) = 4 [pid 321] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 319] ioctl(4, LOOP_SET_FD, 3 [pid 322] close(3) = 0 [pid 322] close(4) = 0 [pid 322] mkdir("./file0", 0777 [pid 323] ioctl(4, LOOP_SET_FD, 3 [pid 321] <... openat resumed>) = 4 [pid 322] <... mkdir resumed>) = 0 [pid 322] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 321] ioctl(4, LOOP_SET_FD, 3 [pid 323] <... ioctl resumed>) = 0 [pid 323] close(3) = 0 [ 40.509069][ T24] audit: type=1400 audit(1743587961.940:70): avc: denied { mounton } for pid=313 comm="syz-executor860" path="/root/syzkaller.Jzdtcv/0/file0" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 40.544246][ T314] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 40.556092][ T314] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 323] close(4) = 0 [pid 323] mkdir("./file0", 0777) = 0 [pid 323] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 319] <... ioctl resumed>) = 0 [pid 321] <... ioctl resumed>) = 0 [pid 321] close(3) = 0 [pid 321] close(4 [pid 319] close(3 [pid 314] <... mount resumed>) = 0 [pid 314] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 314] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 319] <... close resumed>) = 0 [ 40.587457][ T314] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 40.594196][ T314] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 40.602198][ T314] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 40.602467][ T322] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 40.614011][ T314] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 40.618581][ T322] F2FS-fs (loop3): Found nat_bits in checkpoint [ 40.628499][ T24] audit: type=1400 audit(1743587962.060:71): avc: denied { mount } for pid=313 comm="syz-executor860" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 40.661111][ T323] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 40.672853][ T323] F2FS-fs (loop4): Found nat_bits in checkpoint [ 40.673161][ T322] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [pid 319] close(4 [pid 321] <... close resumed>) = 0 [pid 321] mkdir("./file0", 0777) = 0 [pid 321] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 322] <... mount resumed>) = 0 [pid 322] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 40.686049][ T322] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 40.692612][ T322] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 40.700045][ T322] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 40.715697][ T323] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 40.722328][ T323] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 40.729147][ T323] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [pid 322] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 314] <... openat resumed>) = 4 [pid 314] ioctl(4, LOOP_CLR_FD [pid 323] <... mount resumed>) = 0 [pid 323] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 323] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 319] <... close resumed>) = 0 [ 40.735880][ T323] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 322] <... openat resumed>) = 4 [pid 319] mkdir("./file0", 0777 [pid 314] <... ioctl resumed>) = 0 [pid 314] close(4 [pid 319] <... mkdir resumed>) = 0 [pid 322] ioctl(4, LOOP_CLR_FD [pid 319] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 314] <... close resumed>) = 0 [pid 314] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 314] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 313] <... futex resumed>) = 0 [pid 313] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 313] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 314] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 314] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 314] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 313] <... futex resumed>) = 0 [pid 313] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 314] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 313] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 322] <... ioctl resumed>) = 0 [pid 322] close(4) = 0 [pid 322] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 323] <... openat resumed>) = 4 [pid 322] <... futex resumed>) = 1 [pid 318] <... futex resumed>) = 0 [pid 323] ioctl(4, LOOP_CLR_FD [pid 322] fspick(AT_FDCWD, "./file0", 0 [pid 318] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 322] <... fspick resumed>) = 4 [pid 318] <... futex resumed>) = 0 [pid 318] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 322] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 318] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 322] <... futex resumed>) = 0 [pid 318] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 322] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 318] <... futex resumed>) = 0 [pid 318] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 314] <... fsconfig resumed>) = 0 [pid 314] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 313] <... futex resumed>) = 0 [pid 314] openat(AT_FDCWD, "./file0", O_RDONLY [pid 313] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 314] <... openat resumed>) = 5 [pid 313] <... futex resumed>) = 0 [pid 314] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 313] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 314] <... futex resumed>) = 0 [pid 313] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 314] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 313] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 313] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 314] <... ioctl resumed>) = 0 [pid 314] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 313] <... futex resumed>) = 0 [pid 314] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 313] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 314] <... prlimit64 resumed>NULL) = 0 [pid 313] <... futex resumed>) = 0 [pid 314] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 313] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 314] <... futex resumed>) = 0 [pid 313] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 314] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 313] exit_group(0 [pid 314] <... futex resumed>) = ? [pid 313] <... exit_group resumed>) = ? [pid 314] +++ exited with 0 +++ [pid 313] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=313, si_uid=0, si_status=0, si_utime=9, si_stime=14} --- [pid 322] <... fsconfig resumed>) = 0 [pid 322] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 322] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 318] <... futex resumed>) = 0 [pid 318] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 322] <... futex resumed>) = 0 [pid 318] <... futex resumed>) = 1 [pid 322] openat(AT_FDCWD, "./file0", O_RDONLY [pid 318] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 322] <... openat resumed>) = 5 [pid 322] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 318] <... futex resumed>) = 0 [pid 322] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 318] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 318] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 322] <... ioctl resumed>) = 0 [pid 322] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 318] <... futex resumed>) = 0 [pid 322] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 318] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 322] <... prlimit64 resumed>NULL) = 0 [pid 318] <... futex resumed>) = 0 [pid 322] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 318] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 322] <... futex resumed>) = 0 [pid 318] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 322] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 318] exit_group(0 [pid 322] <... futex resumed>) = ? [pid 318] <... exit_group resumed>) = ? [pid 322] +++ exited with 0 +++ [pid 318] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=318, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] <... restart_syscall resumed>) = 0 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, [pid 309] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] <... openat resumed>) = 3 [pid 310] newfstatat(AT_FDCWD, "./0/binderfs", [pid 309] newfstatat(3, "", [pid 310] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] unlink("./0/binderfs" [pid 309] getdents64(3, [pid 310] <... unlink resumed>) = 0 [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [ 40.796232][ T321] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 40.822719][ T321] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 310] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 323] <... ioctl resumed>) = 0 [pid 309] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./0/binderfs") = 0 [pid 309] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 323] close(4 [pid 310] <... umount2 resumed>) = 0 [pid 323] <... close resumed>) = 0 [ 40.833367][ T24] audit: type=1400 audit(1743587962.270:72): avc: denied { unmount } for pid=310 comm="syz-executor860" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 40.867129][ T321] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 40.879566][ T319] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 40.889963][ T321] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [pid 310] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 323] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 320] <... futex resumed>) = 0 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./0/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 323] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] rmdir("./0") = 0 [pid 310] mkdir("./1", 0777 [pid 323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 320] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 323] fspick(AT_FDCWD, "./file0", 0 [pid 320] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 323] <... fspick resumed>) = 4 [pid 323] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 320] <... futex resumed>) = 0 [pid 309] <... umount2 resumed>) = 0 [pid 323] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 320] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 320] <... futex resumed>) = 0 [pid 323] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 320] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 309] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./0/file0") = 0 [pid 310] <... mkdir resumed>) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./0") = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD [pid 309] mkdir("./1", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 321] <... mount resumed>) = 0 [pid 323] <... fsconfig resumed>) = 0 [pid 321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 323] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 321] <... openat resumed>) = 3 [pid 320] <... futex resumed>) = 0 [pid 323] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 321] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 320] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 320] <... futex resumed>) = 0 [pid 323] openat(AT_FDCWD, "./file0", O_RDONLY [pid 320] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 323] <... openat resumed>) = 5 [pid 323] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 323] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 320] <... futex resumed>) = 0 [pid 320] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 323] <... futex resumed>) = 0 [pid 320] <... futex resumed>) = 1 [pid 323] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 320] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 323] <... ioctl resumed>) = 0 [pid 323] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 320] <... futex resumed>) = 0 [pid 323] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 320] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 323] <... prlimit64 resumed>NULL) = 0 [pid 320] <... futex resumed>) = 0 [pid 323] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 320] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 323] <... futex resumed>) = 0 [pid 320] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 323] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 320] exit_group(0 [pid 323] <... futex resumed>) = ? [pid 320] <... exit_group resumed>) = ? [pid 323] +++ exited with 0 +++ [pid 320] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=2, si_stime=18} --- [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 309] <... openat resumed>) = 3 [pid 321] <... openat resumed>) = 4 [pid 321] ioctl(4, LOOP_CLR_FD) = 0 [pid 321] close(4) = 0 [pid 311] <... restart_syscall resumed>) = 0 [pid 309] ioctl(3, LOOP_CLR_FD [pid 321] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 315] <... futex resumed>) = 0 [pid 321] fspick(AT_FDCWD, "./file0", 0 [pid 315] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 321] <... fspick resumed>) = 4 [pid 315] <... futex resumed>) = 0 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 321] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 315] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 321] <... futex resumed>) = 0 [pid 315] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] <... openat resumed>) = 3 [pid 321] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 315] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] newfstatat(3, "", [pid 315] <... futex resumed>) = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 315] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./0/binderfs") = 0 [pid 311] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 321] <... fsconfig resumed>) = 0 [pid 321] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 315] <... futex resumed>) = 0 [pid 321] openat(AT_FDCWD, "./file0", O_RDONLY [pid 315] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 321] <... openat resumed>) = 5 [pid 315] <... futex resumed>) = 0 [pid 321] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 315] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 321] <... futex resumed>) = 0 [pid 315] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 321] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 315] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 315] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 321] <... ioctl resumed>) = 0 [pid 321] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 315] <... futex resumed>) = 0 [pid 321] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 315] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 321] <... prlimit64 resumed>NULL) = 0 [pid 315] <... futex resumed>) = 0 [pid 321] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 315] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 321] <... futex resumed>) = 0 [pid 315] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 321] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 315] exit_group(0 [pid 321] <... futex resumed>) = ? [pid 315] <... exit_group resumed>) = ? [pid 321] +++ exited with 0 +++ [pid 315] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=315, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./0/binderfs") = 0 [ 40.897382][ T319] F2FS-fs (loop0): Found nat_bits in checkpoint [ 40.909851][ T321] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 40.919554][ T321] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 308] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... ioctl resumed>) = 0 [pid 310] close(3 [pid 319] <... mount resumed>) = 0 [pid 319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 319] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 309] <... ioctl resumed>) = 0 [ 40.991333][ T319] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 40.997667][ T319] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 41.004703][ T319] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 41.011576][ T319] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 309] close(3 [pid 319] <... openat resumed>) = 4 [pid 319] ioctl(4, LOOP_CLR_FD) = 0 [pid 319] close(4) = 0 [pid 319] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 316] <... futex resumed>) = 0 [pid 316] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 316] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 319] <... futex resumed>) = 1 [pid 319] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 319] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 316] <... futex resumed>) = 0 [pid 316] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 316] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 319] <... futex resumed>) = 1 [pid 319] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 310] <... close resumed>) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 319] <... fsconfig resumed>) = 0 [pid 319] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 316] <... futex resumed>) = 0 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 352 [pid 319] openat(AT_FDCWD, "./file0", O_RDONLY [pid 316] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 319] <... openat resumed>) = 5 [pid 316] <... futex resumed>) = 0 [pid 319] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 316] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 319] <... futex resumed>) = 0 [pid 316] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 319] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 316] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 316] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 319] <... ioctl resumed>) = 0 [pid 319] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 316] <... futex resumed>) = 0 [pid 319] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 316] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 319] <... prlimit64 resumed>NULL) = 0 [pid 316] <... futex resumed>) = 0 [pid 319] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 316] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 319] <... futex resumed>) = 0 [pid 316] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 319] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 316] exit_group(0 [pid 319] <... futex resumed>) = ? [pid 316] <... exit_group resumed>) = ? [pid 319] +++ exited with 0 +++ [pid 316] +++ exited with 0 +++ ./strace-static-x86_64: Process 352 attached [pid 352] set_robust_list(0x55555b716760, 24) = 0 [pid 352] chdir("./1") = 0 [pid 352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 352] setpgid(0, 0) = 0 [pid 352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 352] write(3, "1000", 4) = 4 [pid 352] close(3) = 0 [pid 352] symlink("/dev/binderfs", "./binderfs") = 0 [pid 352] write(1, "executing program\n", 18executing program ) = 18 [pid 352] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 352] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 352] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 352] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 352] rt_sigprocmask(SIG_BLOCK, ~[], [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 352] <... rt_sigprocmask resumed>[], 8) = 0 [pid 352] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 307] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./0/binderfs") = 0 [pid 307] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 352] <... clone3 resumed> => {parent_tid=[353]}, 88) = 353 [pid 352] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 352] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 353 attached [pid 353] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 353] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 353] memfd_create("syzkaller", 0) = 3 [pid 353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 354 attached , child_tidptr=0x55555b716750) = 354 [pid 354] set_robust_list(0x55555b716760, 24) = 0 [pid 354] chdir("./1") = 0 [pid 354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 354] setpgid(0, 0) = 0 [pid 354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 354] write(3, "1000", 4) = 4 [pid 354] close(3) = 0 [pid 354] symlink("/dev/binderfs", "./binderfs") = 0 [pid 354] write(1, "executing program\n", 18executing program ) = 18 [pid 354] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 354] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 354] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 354] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 354] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 354] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 354] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[355]}, 88) = 355 [pid 354] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 354] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 354] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 355 attached [pid 355] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 355] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 355] memfd_create("syzkaller", 0) = 3 [pid 355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 308] <... umount2 resumed>) = 0 [pid 311] <... umount2 resumed>) = 0 [pid 308] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./0/file0", [pid 311] newfstatat(AT_FDCWD, "./0/file0", [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 311] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 308] <... openat resumed>) = 4 [pid 311] <... openat resumed>) = 4 [pid 308] newfstatat(4, "", [pid 311] newfstatat(4, "", [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, [pid 308] getdents64(4, [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] getdents64(4, [pid 311] close(4 [pid 308] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] <... close resumed>) = 0 [pid 308] close(4 [pid 311] rmdir("./0/file0" [pid 308] <... close resumed>) = 0 [pid 311] <... rmdir resumed>) = 0 [pid 308] rmdir("./0/file0" [pid 311] getdents64(3, [pid 308] <... rmdir resumed>) = 0 [pid 311] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3 [pid 308] getdents64(3, [pid 311] <... close resumed>) = 0 [pid 308] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] rmdir("./0" [pid 308] close(3 [pid 311] <... rmdir resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 311] mkdir("./1", 0777 [pid 308] rmdir("./0" [pid 311] <... mkdir resumed>) = 0 [pid 308] <... rmdir resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] mkdir("./1", 0777 [pid 311] <... openat resumed>) = 3 [pid 311] ioctl(3, LOOP_CLR_FD [pid 308] <... mkdir resumed>) = 0 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 311] close(3 [pid 308] <... openat resumed>) = 3 [pid 311] <... close resumed>) = 0 [pid 308] ioctl(3, LOOP_CLR_FD [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 308] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 356 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 357 ./strace-static-x86_64: Process 356 attached [pid 356] set_robust_list(0x55555b716760, 24) = 0 [pid 356] chdir("./1") = 0 [pid 356] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 357 attached ) = 0 [pid 357] set_robust_list(0x55555b716760, 24) = 0 [pid 357] chdir("./1" [pid 356] setpgid(0, 0) = 0 [pid 356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 356] write(3, "1000", 4) = 4 [pid 356] close(3) = 0 [pid 356] symlink("/dev/binderfs", "./binderfs") = 0 [pid 356] write(1, "executing program\n", 18executing program ) = 18 [pid 356] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 356] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 356] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 356] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 356] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 357] <... chdir resumed>) = 0 [pid 357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 357] setpgid(0, 0) = 0 [pid 356] <... mprotect resumed>) = 0 [pid 356] rt_sigprocmask(SIG_BLOCK, ~[], [pid 357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 357] write(3, "1000", 4) = 4 [pid 357] close(3) = 0 [pid 357] symlink("/dev/binderfs", "./binderfs") = 0 [pid 357] write(1, "executing program\n", 18executing program ) = 18 [pid 357] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 357] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 357] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 357] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 357] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 356] <... rt_sigprocmask resumed>[], 8) = 0 [pid 356] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 357] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 357] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[358]}, 88) = 358 [pid 357] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 357] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 357] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./0/file0" [pid 356] <... clone3 resumed> => {parent_tid=[359]}, 88) = 359 [pid 356] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 356] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 356] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 307] <... rmdir resumed>) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./0") = 0 [pid 307] mkdir("./1", 0777./strace-static-x86_64: Process 358 attached [pid 358] set_robust_list(0x7f537f40c9a0, 24 [pid 307] <... mkdir resumed>) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 358] <... set_robust_list resumed>) = 0 [pid 358] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 358] memfd_create("syzkaller", 0) = 3 [pid 358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 360 ./strace-static-x86_64: Process 359 attached [pid 359] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 359] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 359] memfd_create("syzkaller", 0) = 3 [pid 359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 360 attached [pid 360] set_robust_list(0x55555b716760, 24) = 0 [pid 360] chdir("./1") = 0 [pid 360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 360] setpgid(0, 0) = 0 [pid 360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 360] write(3, "1000", 4) = 4 [pid 360] close(3) = 0 [pid 360] symlink("/dev/binderfs", "./binderfs") = 0 [pid 360] write(1, "executing program\n", 18executing program ) = 18 [pid 360] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 360] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 360] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 360] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 360] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 360] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 360] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[361]}, 88) = 361 [pid 360] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 360] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 360] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 361 attached [pid 361] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 361] memfd_create("syzkaller", 0) = 3 [pid 361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 353] <... write resumed>) = 20699119 [pid 353] munmap(0x7f5376fec000, 138412032) = 0 [pid 353] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 353] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 353] close(3) = 0 [pid 353] close(4) = 0 [pid 353] mkdir("./file0", 0777) = 0 [pid 353] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 41.484215][ T353] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 41.519880][ T353] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 355] <... write resumed>) = 20699119 [pid 355] munmap(0x7f5376fec000, 138412032) = 0 [pid 358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 355] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 355] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 355] close(3) = 0 [pid 355] close(4) = 0 [pid 355] mkdir("./file0", 0777) = 0 [pid 355] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 361] <... write resumed>) = 20699119 [ 41.605864][ T355] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 361] munmap(0x7f5376fec000, 138412032) = 0 [pid 361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 361] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 361] close(3) = 0 [pid 361] close(4) = 0 [pid 361] mkdir("./file0", 0777) = 0 [pid 361] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 358] <... write resumed>) = 20699119 [pid 358] munmap(0x7f5376fec000, 138412032) = 0 [pid 358] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 358] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 358] close(3) = 0 [pid 358] close(4) = 0 [pid 358] mkdir("./file0", 0777) = 0 [ 41.673556][ T355] F2FS-fs (loop2): Found nat_bits in checkpoint [ 41.685690][ T361] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 358] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 359] <... write resumed>) = 20699119 [pid 359] munmap(0x7f5376fec000, 138412032) = 0 [pid 359] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 359] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 359] close(3) = 0 [pid 359] close(4) = 0 [pid 359] mkdir("./file0", 0777) = 0 [ 41.718638][ T353] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 41.725555][ T358] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 41.739086][ T353] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 41.747964][ T361] F2FS-fs (loop0): Found nat_bits in checkpoint [ 41.756127][ T358] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 359] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 353] <... mount resumed>) = 0 [pid 353] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 353] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 353] ioctl(4, LOOP_CLR_FD) = 0 [pid 353] close(4) = 0 [pid 353] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 353] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 352] <... futex resumed>) = 0 [pid 352] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 353] <... futex resumed>) = 0 [pid 353] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 352] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 353] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 353] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 352] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 352] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 353] <... futex resumed>) = 0 [pid 353] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 41.762222][ T353] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 41.772232][ T359] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 41.782687][ T353] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 41.798671][ T359] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 352] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 353] <... fsconfig resumed>) = 0 [pid 353] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 352] <... futex resumed>) = 0 [pid 352] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 353] <... futex resumed>) = 1 [pid 353] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 353] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 352] <... futex resumed>) = 0 [pid 352] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 353] <... futex resumed>) = 1 [pid 353] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 353] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 352] <... futex resumed>) = 0 [pid 352] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 353] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 353] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 352] <... futex resumed>) = 0 [pid 352] exit_group(0) = ? [pid 353] +++ exited with 0 +++ [pid 352] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=352, si_uid=0, si_status=0, si_utime=3, si_stime=23} --- [ 41.830763][ T355] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 41.837864][ T355] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 41.839302][ T361] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 41.853152][ T361] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 41.860917][ T361] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 41.868899][ T361] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./1/binderfs") = 0 [pid 310] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 361] <... mount resumed>) = 0 [pid 361] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 361] ioctl(4, LOOP_CLR_FD [pid 355] <... mount resumed>) = 0 [pid 355] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 41.877478][ T355] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 41.885637][ T355] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 41.903677][ T358] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 41.911626][ T358] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 41.917523][ T359] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [pid 355] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 361] <... ioctl resumed>) = 0 [pid 355] <... openat resumed>) = 4 [pid 355] ioctl(4, LOOP_CLR_FD) = 0 [pid 355] close(4 [pid 361] close(4 [pid 355] <... close resumed>) = 0 [pid 361] <... close resumed>) = 0 [pid 355] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 355] <... futex resumed>) = 1 [pid 354] <... futex resumed>) = 0 [pid 361] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 354] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 354] <... futex resumed>) = 0 [pid 361] fspick(AT_FDCWD, "./file0", 0 [pid 360] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 354] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 361] <... fspick resumed>) = 4 [pid 361] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 355] fspick(AT_FDCWD, "./file0", 0 [pid 361] <... futex resumed>) = 1 [pid 360] <... futex resumed>) = 0 [pid 361] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 361] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 360] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 355] <... fspick resumed>) = 4 [pid 355] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 354] <... futex resumed>) = 0 [pid 355] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 354] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 354] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 358] <... mount resumed>) = 0 [pid 358] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 358] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 358] ioctl(4, LOOP_CLR_FD) = 0 [pid 358] close(4) = 0 [pid 358] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 357] <... futex resumed>) = 0 [pid 357] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 357] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 358] <... futex resumed>) = 1 [pid 358] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 358] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 357] <... futex resumed>) = 0 [pid 357] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 357] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 358] <... futex resumed>) = 1 [pid 358] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 361] <... fsconfig resumed>) = 0 [pid 361] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 361] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 361] openat(AT_FDCWD, "./file0", O_RDONLY [pid 360] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 361] <... openat resumed>) = 5 [pid 361] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 361] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 361] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 360] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 361] <... ioctl resumed>) = 0 [pid 361] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 361] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 361] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 360] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 361] <... prlimit64 resumed>NULL) = 0 [pid 361] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 361] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] exit_group(0 [pid 361] <... futex resumed>) = ? [pid 360] <... exit_group resumed>) = ? [pid 361] +++ exited with 0 +++ [pid 359] <... mount resumed>) = 0 [pid 360] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=360, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 359] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 359] ioctl(4, LOOP_CLR_FD) = 0 [pid 359] close(4) = 0 [pid 359] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 356] <... futex resumed>) = 0 [pid 358] <... fsconfig resumed>) = 0 [pid 358] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 356] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 358] <... futex resumed>) = 1 [pid 357] <... futex resumed>) = 0 [pid 356] <... futex resumed>) = 0 [pid 358] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 357] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 356] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 357] <... futex resumed>) = 0 [pid 358] openat(AT_FDCWD, "./file0", O_RDONLY [pid 357] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 358] <... openat resumed>) = 5 [pid 358] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 357] <... futex resumed>) = 0 [pid 358] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 357] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 357] <... futex resumed>) = 0 [pid 358] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 357] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 359] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 359] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 356] <... futex resumed>) = 0 [pid 358] <... ioctl resumed>) = 0 [pid 355] <... fsconfig resumed>) = 0 [pid 356] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 358] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 355] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 356] <... futex resumed>) = 0 [pid 358] <... futex resumed>) = 1 [pid 357] <... futex resumed>) = 0 [pid 356] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 355] <... futex resumed>) = 1 [pid 354] <... futex resumed>) = 0 [pid 358] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 357] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 355] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 354] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 357] <... futex resumed>) = 0 [pid 355] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 354] <... futex resumed>) = 0 [pid 307] <... restart_syscall resumed>) = 0 [pid 358] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 357] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 355] openat(AT_FDCWD, "./file0", O_RDONLY [pid 354] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 358] <... prlimit64 resumed>NULL) = 0 [pid 355] <... openat resumed>) = 5 [pid 358] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 355] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 358] <... futex resumed>) = 1 [pid 357] <... futex resumed>) = 0 [pid 355] <... futex resumed>) = 1 [pid 354] <... futex resumed>) = 0 [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 358] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 357] exit_group(0 [pid 355] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 354] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 358] <... futex resumed>) = ? [pid 357] <... exit_group resumed>) = ? [pid 355] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 354] <... futex resumed>) = 0 [pid 307] <... openat resumed>) = 3 [pid 358] +++ exited with 0 +++ [pid 357] +++ exited with 0 +++ [pid 355] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 354] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] newfstatat(3, "", [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=357, si_uid=0, si_status=0, si_utime=3, si_stime=22} --- [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 307] getdents64(3, [pid 355] <... ioctl resumed>) = 0 [pid 307] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 355] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 355] <... futex resumed>) = 1 [pid 354] <... futex resumed>) = 0 [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 355] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 354] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] newfstatat(AT_FDCWD, "./1/binderfs", [pid 355] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 354] <... futex resumed>) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 359] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 355] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 354] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] unlink("./1/binderfs" [pid 355] <... prlimit64 resumed>NULL) = 0 [pid 307] <... unlink resumed>) = 0 [pid 355] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 355] <... futex resumed>) = 1 [pid 354] <... futex resumed>) = 0 [pid 355] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 308] <... restart_syscall resumed>) = 0 [pid 354] exit_group(0 [pid 355] <... futex resumed>) = ? [pid 354] <... exit_group resumed>) = ? [pid 355] +++ exited with 0 +++ [pid 308] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 354] +++ exited with 0 +++ [pid 308] <... openat resumed>) = 3 [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=354, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 308] newfstatat(3, "", [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 41.918602][ T358] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 41.926245][ T359] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 41.934093][ T358] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 41.939509][ T359] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 41.954195][ T359] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 308] unlink("./1/binderfs") = 0 [pid 308] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] <... restart_syscall resumed>) = 0 [pid 309] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./1/binderfs") = 0 [pid 309] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 359] <... fsconfig resumed>) = 0 [pid 359] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 356] <... futex resumed>) = 0 [pid 359] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 356] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 359] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 356] <... futex resumed>) = 0 [pid 359] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 356] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 359] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 356] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 356] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 359] <... futex resumed>) = 0 [pid 356] <... futex resumed>) = 1 [pid 359] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 356] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 359] <... ioctl resumed>) = 0 [pid 359] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 356] <... futex resumed>) = 0 [pid 359] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 356] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 359] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 356] <... futex resumed>) = 0 [pid 359] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 356] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 359] <... futex resumed>) = 0 [pid 356] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 359] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 356] exit_group(0 [pid 359] <... futex resumed>) = ? [pid 356] <... exit_group resumed>) = ? [pid 359] +++ exited with 0 +++ [pid 356] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=356, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 311] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./1/binderfs") = 0 [pid 311] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./1/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./1") = 0 [pid 310] mkdir("./2", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./1/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./1") = 0 [pid 307] mkdir("./2", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD [pid 307] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 307] close(3 [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 307] <... close resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 310] close(3 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 388 [pid 310] <... close resumed>) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 389 ./strace-static-x86_64: Process 388 attached [pid 388] set_robust_list(0x55555b716760, 24) = 0 [pid 388] chdir("./2") = 0 [pid 388] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 388] setpgid(0, 0) = 0 [pid 388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 388] write(3, "1000", 4) = 4 [pid 388] close(3) = 0 [pid 388] symlink("/dev/binderfs", "./binderfs") = 0 [pid 388] write(1, "executing program\n", 18executing program ) = 18 [pid 388] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 388] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 388] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 388] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 388] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 388] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 388] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[390]}, 88) = 390 ./strace-static-x86_64: Process 389 attached [pid 388] rt_sigprocmask(SIG_SETMASK, [], [pid 389] set_robust_list(0x55555b716760, 24 [pid 388] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 389] <... set_robust_list resumed>) = 0 [pid 388] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 388] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 389] chdir("./2") = 0 ./strace-static-x86_64: Process 390 attached [pid 390] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 390] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 389] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 390] memfd_create("syzkaller", 0) = 3 [pid 389] <... prctl resumed>) = 0 [pid 390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 389] setpgid(0, 0) = 0 [pid 389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 389] write(3, "1000", 4) = 4 [pid 389] close(3) = 0 [pid 389] symlink("/dev/binderfs", "./binderfs") = 0 [pid 389] write(1, "executing program\n", 18executing program ) = 18 [pid 389] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 389] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 389] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 389] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 389] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 389] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[391]}, 88) = 391 [pid 389] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 389] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 389] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 309] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 391 attached [pid 391] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 391] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 391] memfd_create("syzkaller", 0) = 3 [pid 391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./1/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./1") = 0 [pid 309] mkdir("./2", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, [pid 309] <... clone resumed>, child_tidptr=0x55555b716750) = 392 [pid 308] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./1/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./1") = 0 [pid 308] mkdir("./2", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 311] <... umount2 resumed>) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 392 attached , child_tidptr=0x55555b716750) = 393 [pid 392] set_robust_list(0x55555b716760, 24) = 0 [pid 311] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 392] chdir("./2") = 0 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 392] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 311] newfstatat(AT_FDCWD, "./1/file0", [pid 392] <... prctl resumed>) = 0 [pid 392] setpgid(0, 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 393 attached [pid 392] <... setpgid resumed>) = 0 [pid 311] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 393] set_robust_list(0x55555b716760, 24 [pid 392] write(3, "1000", 4 [pid 311] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 393] <... set_robust_list resumed>) = 0 [pid 392] <... write resumed>) = 4 [pid 393] chdir("./2" [pid 392] close(3 [pid 311] <... openat resumed>) = 4 [pid 392] <... close resumed>) = 0 [pid 311] newfstatat(4, "", [pid 393] <... chdir resumed>) = 0 [pid 392] symlink("/dev/binderfs", "./binderfs") = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 393] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 392] write(1, "executing program\n", 18executing program [pid 311] getdents64(4, [pid 393] <... prctl resumed>) = 0 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 393] setpgid(0, 0 [pid 392] <... write resumed>) = 18 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 393] <... setpgid resumed>) = 0 [pid 392] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] close(4) = 0 [pid 393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 392] <... futex resumed>) = 0 [pid 311] rmdir("./1/file0") = 0 [pid 393] <... openat resumed>) = 3 [pid 392] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 311] getdents64(3, [pid 392] <... rt_sigaction resumed>NULL, 8) = 0 [pid 393] write(3, "1000", 4 [pid 392] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 311] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 392] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 393] <... write resumed>) = 4 [pid 311] close(3 [pid 392] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 393] close(3 [pid 392] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 311] <... close resumed>) = 0 [pid 393] <... close resumed>) = 0 [pid 392] <... mprotect resumed>) = 0 [pid 393] symlink("/dev/binderfs", "./binderfs" [pid 311] rmdir("./1" [pid 393] <... symlink resumed>) = 0 [pid 392] rt_sigprocmask(SIG_BLOCK, ~[], [pid 311] <... rmdir resumed>) = 0 [pid 392] <... rt_sigprocmask resumed>[], 8) = 0 [pid 393] write(1, "executing program\n", 18executing program [pid 392] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 393] <... write resumed>) = 18 [pid 311] mkdir("./2", 0777 [pid 393] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... clone3 resumed> => {parent_tid=[394]}, 88) = 394 [pid 311] <... mkdir resumed>) = 0 [pid 393] <... futex resumed>) = 0 [pid 392] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 393] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 392] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 393] <... rt_sigaction resumed>NULL, 8) = 0 [pid 392] <... futex resumed>) = 0 [pid 311] <... openat resumed>) = 3 [pid 393] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 392] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 393] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 311] ioctl(3, LOOP_CLR_FD [pid 393] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 393] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 311] close(3 [pid 393] rt_sigprocmask(SIG_BLOCK, ~[], [pid 311] <... close resumed>) = 0 [pid 393] <... rt_sigprocmask resumed>[], 8) = 0 [pid 393] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 393] <... clone3 resumed> => {parent_tid=[395]}, 88) = 395 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 396 [pid 393] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 393] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 393] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 394 attached [pid 394] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 394] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 394] memfd_create("syzkaller", 0) = 3 [pid 394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 396 attached [pid 396] set_robust_list(0x55555b716760, 24./strace-static-x86_64: Process 395 attached [pid 395] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 395] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 395] memfd_create("syzkaller", 0 [pid 396] <... set_robust_list resumed>) = 0 [pid 395] <... memfd_create resumed>) = 3 [pid 395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 396] chdir("./2" [pid 395] <... mmap resumed>) = 0x7f5376fec000 [pid 396] <... chdir resumed>) = 0 [pid 396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 396] setpgid(0, 0) = 0 [pid 396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 396] write(3, "1000", 4) = 4 [pid 396] close(3) = 0 [pid 396] symlink("/dev/binderfs", "./binderfs") = 0 [pid 396] write(1, "executing program\n", 18executing program ) = 18 [pid 396] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 396] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 396] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 396] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 396] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 396] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[397]}, 88) = 397 [pid 396] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 396] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 397 attached [pid 397] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 397] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 397] memfd_create("syzkaller", 0) = 3 [pid 397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 390] <... write resumed>) = 20699119 [pid 390] munmap(0x7f5376fec000, 138412032) = 0 [pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 390] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 390] close(3) = 0 [pid 390] close(4) = 0 [pid 390] mkdir("./file0", 0777) = 0 [pid 390] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 42.586242][ T390] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 395] <... write resumed>) = 20699119 [pid 395] munmap(0x7f5376fec000, 138412032 [pid 397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 395] <... munmap resumed>) = 0 [pid 395] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 395] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 395] close(3) = 0 [pid 395] close(4) = 0 [pid 395] mkdir("./file0", 0777) = 0 [ 42.644885][ T390] F2FS-fs (loop0): Found nat_bits in checkpoint [ 42.685530][ T395] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 42.710632][ T395] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 395] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 391] <... write resumed>) = 20699119 [pid 391] munmap(0x7f5376fec000, 138412032 [pid 395] <... mount resumed>) = 0 [pid 394] <... write resumed>) = 20699119 [pid 391] <... munmap resumed>) = 0 [pid 395] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 394] munmap(0x7f5376fec000, 138412032 [pid 395] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 395] ioctl(4, LOOP_CLR_FD) = 0 [pid 395] close(4) = 0 [pid 394] <... munmap resumed>) = 0 [pid 395] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 395] <... futex resumed>) = 1 [pid 395] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 394] <... openat resumed>) = 4 [pid 393] <... futex resumed>) = 0 [pid 394] ioctl(4, LOOP_SET_FD, 3 [pid 393] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... futex resumed>) = 0 [pid 393] <... futex resumed>) = 1 [pid 395] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 393] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 395] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 393] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... futex resumed>) = 0 [pid 393] <... futex resumed>) = 1 [pid 395] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 393] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 42.784039][ T390] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 42.787399][ T395] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 42.798689][ T395] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 42.805356][ T395] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 42.813005][ T395] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 42.814467][ T390] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [pid 391] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 395] <... fsconfig resumed>) = 0 [pid 395] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] <... ioctl resumed>) = 0 [pid 391] <... openat resumed>) = 4 [pid 395] <... futex resumed>) = 1 [pid 394] close(3 [pid 395] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 394] <... close resumed>) = 0 [pid 394] close(4 [pid 393] <... futex resumed>) = 0 [pid 391] ioctl(4, LOOP_SET_FD, 3 [pid 394] <... close resumed>) = 0 [pid 394] mkdir("./file0", 0777 [pid 393] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 393] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 395] <... futex resumed>) = 0 [pid 394] <... mkdir resumed>) = 0 [pid 395] openat(AT_FDCWD, "./file0", O_RDONLY [pid 394] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 395] <... openat resumed>) = 5 [pid 395] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 393] <... futex resumed>) = 0 [pid 395] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] <... write resumed>) = 20699119 [pid 393] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... ioctl resumed>) = 0 [pid 395] <... futex resumed>) = 0 [pid 393] <... futex resumed>) = 1 [pid 391] close(3 [pid 393] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 391] <... close resumed>) = 0 [pid 395] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 397] munmap(0x7f5376fec000, 138412032 [pid 391] close(4) = 0 [pid 391] mkdir("./file0", 0777) = 0 [pid 391] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 395] <... ioctl resumed>) = 0 [pid 395] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 393] <... futex resumed>) = 0 [pid 395] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 393] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... prlimit64 resumed>NULL) = 0 [pid 393] <... futex resumed>) = 0 [pid 395] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 393] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 395] <... futex resumed>) = 0 [pid 393] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] exit_group(0 [pid 395] <... futex resumed>) = ? [pid 393] <... exit_group resumed>) = ? [pid 395] +++ exited with 0 +++ [pid 393] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=393, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 397] <... munmap resumed>) = 0 [pid 397] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] <... restart_syscall resumed>) = 0 [pid 397] <... openat resumed>) = 4 [pid 397] ioctl(4, LOOP_SET_FD, 3 [pid 308] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 42.841008][ T390] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 42.857460][ T394] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 42.861114][ T390] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 42.876116][ T394] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 308] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./2/binderfs") = 0 [pid 308] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 390] <... mount resumed>) = 0 [pid 397] <... ioctl resumed>) = 0 [pid 397] close(3) = 0 [pid 397] close(4 [pid 390] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 42.876363][ T391] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 42.905943][ T391] F2FS-fs (loop3): Found nat_bits in checkpoint [ 42.929941][ T394] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 397] <... close resumed>) = 0 [pid 397] mkdir("./file0", 0777) = 0 [pid 397] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 394] <... mount resumed>) = 0 [pid 394] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 42.937328][ T394] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 42.944619][ T394] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 42.951607][ T394] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 42.956467][ T391] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 42.967110][ T391] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 42.977634][ T391] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [pid 394] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 391] <... mount resumed>) = 0 [pid 391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 390] <... openat resumed>) = 4 [pid 390] ioctl(4, LOOP_CLR_FD [pid 394] <... openat resumed>) = 4 [pid 394] ioctl(4, LOOP_CLR_FD) = 0 [pid 394] close(4 [pid 390] <... ioctl resumed>) = 0 [pid 391] <... openat resumed>) = 3 [pid 390] close(4 [pid 391] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 390] <... close resumed>) = 0 [pid 391] <... openat resumed>) = 4 [pid 390] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] ioctl(4, LOOP_CLR_FD [pid 390] <... futex resumed>) = 1 [pid 388] <... futex resumed>) = 0 [pid 391] <... ioctl resumed>) = 0 [pid 390] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 388] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] close(4 [pid 390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 388] <... futex resumed>) = 0 [pid 391] <... close resumed>) = 0 [pid 390] fspick(AT_FDCWD, "./file0", 0 [pid 388] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 391] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... fspick resumed>) = 4 [pid 391] <... futex resumed>) = 1 [pid 389] <... futex resumed>) = 0 [pid 391] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 1 [pid 389] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 391] fspick(AT_FDCWD, "./file0", 0 [pid 390] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 389] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 388] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... fspick resumed>) = 4 [pid 390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 388] <... futex resumed>) = 0 [pid 391] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 388] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] <... close resumed>) = 0 [pid 394] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = 1 [pid 389] <... futex resumed>) = 0 [pid 391] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 389] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 389] <... futex resumed>) = 0 [pid 391] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 389] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] <... futex resumed>) = 1 [pid 392] <... futex resumed>) = 0 [pid 392] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 392] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 394] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 392] <... futex resumed>) = 0 [pid 392] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 392] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 390] <... fsconfig resumed>) = 0 [pid 390] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 388] <... futex resumed>) = 0 [pid 390] openat(AT_FDCWD, "./file0", O_RDONLY [pid 388] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... openat resumed>) = 5 [pid 388] <... futex resumed>) = 0 [pid 390] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 390] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 388] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 388] <... futex resumed>) = 0 [pid 388] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 390] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 394] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 392] <... futex resumed>) = 0 [pid 392] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 392] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 394] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 392] <... futex resumed>) = 0 [pid 392] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 392] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 391] <... fsconfig resumed>) = 0 [pid 391] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 389] <... futex resumed>) = 0 [pid 391] openat(AT_FDCWD, "./file0", O_RDONLY [pid 389] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... openat resumed>) = 5 [pid 389] <... futex resumed>) = 0 [pid 389] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 391] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 389] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = 0 [pid 389] <... futex resumed>) = 0 [pid 391] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 389] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] <... ioctl resumed>) = 0 [pid 394] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 392] <... futex resumed>) = 0 [pid 392] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 392] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 394] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 392] <... futex resumed>) = 0 [pid 392] exit_group(0) = ? [pid 394] +++ exited with 0 +++ [pid 392] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=392, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./2/binderfs") = 0 [pid 309] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 391] <... ioctl resumed>) = 0 [pid 390] <... ioctl resumed>) = 0 [pid 391] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 1 [pid 389] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 391] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 389] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 389] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 391] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 390] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 389] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 388] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 391] <... prlimit64 resumed>NULL) = 0 [pid 390] <... prlimit64 resumed>NULL) = 0 [pid 391] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 391] <... futex resumed>) = 1 [pid 389] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 391] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 389] exit_group(0 [pid 388] exit_group(0 [pid 390] <... futex resumed>) = ? [pid 389] <... exit_group resumed>) = ? [pid 391] <... futex resumed>) = ? [pid 388] <... exit_group resumed>) = ? [pid 391] +++ exited with 0 +++ [pid 390] +++ exited with 0 +++ [pid 389] +++ exited with 0 +++ [pid 388] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=389, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=388, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 310] <... restart_syscall resumed>) = 0 [pid 307] <... restart_syscall resumed>) = 0 [ 42.985454][ T391] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 42.999018][ T397] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 43.025839][ T397] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 310] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 307] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] <... openat resumed>) = 3 [pid 307] <... openat resumed>) = 3 [pid 310] newfstatat(3, "", [pid 307] newfstatat(3, "", [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, [pid 307] getdents64(3, [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./2/binderfs", [pid 307] newfstatat(AT_FDCWD, "./2/binderfs", [pid 310] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./2/binderfs" [pid 307] unlink("./2/binderfs" [pid 310] <... unlink resumed>) = 0 [pid 307] <... unlink resumed>) = 0 [pid 310] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 397] <... mount resumed>) = 0 [pid 397] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 397] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./2/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./2") = 0 [pid 308] mkdir("./3", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./2/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./2") = 0 [pid 310] mkdir("./3", 0777) = 0 [ 43.086709][ T397] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 43.096002][ T397] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 43.102692][ T397] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 43.109629][ T397] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWRexecuting program [pid 397] <... openat resumed>) = 4 [pid 308] <... openat resumed>) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 423 [pid 397] ioctl(4, LOOP_CLR_FD) = 0 [pid 397] close(4) = 0 [pid 397] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = 0 [pid 396] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] <... futex resumed>) = 1 [pid 397] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 397] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = 0 [pid 396] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] <... futex resumed>) = 1 [pid 397] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 425 ./strace-static-x86_64: Process 425 attached [pid 425] set_robust_list(0x55555b716760, 24) = 0 [pid 425] chdir("./3") = 0 [pid 425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 425] setpgid(0, 0) = 0 [pid 425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 425] write(3, "1000", 4) = 4 [pid 425] close(3) = 0 [pid 425] symlink("/dev/binderfs", "./binderfs") = 0 [pid 425] write(1, "executing program\n", 18) = 18 [pid 425] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 425] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 425] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 425] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 425] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 425] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[426]}, 88) = 426 [pid 425] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 425] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 426 attached [pid 426] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 426] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 426] memfd_create("syzkaller", 0) = 3 [pid 426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 423 attached [pid 423] set_robust_list(0x55555b716760, 24) = 0 [pid 423] chdir("./3") = 0 [pid 423] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 423] setpgid(0, 0) = 0 [pid 423] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 423] write(3, "1000", 4) = 4 [pid 423] close(3) = 0 [pid 423] symlink("/dev/binderfs", "./binderfs") = 0 [pid 423] write(1, "executing program\n", 18executing program ) = 18 [pid 423] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 423] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 423] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 423] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 423] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 423] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 423] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 397] <... fsconfig resumed>) = 0 [pid 397] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] <... futex resumed>) = 0 [pid 397] openat(AT_FDCWD, "./file0", O_RDONLY [pid 396] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] <... openat resumed>) = 5 [pid 396] <... futex resumed>) = 0 [pid 397] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 423] <... clone3 resumed> => {parent_tid=[428]}, 88) = 428 [pid 397] <... futex resumed>) = 0 [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 423] rt_sigprocmask(SIG_SETMASK, [], [pid 397] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 396] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 423] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 423] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] <... ioctl resumed>) = 0 [pid 397] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 423] <... futex resumed>) = 0 [pid 397] <... futex resumed>) = 1 [pid 397] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 396] <... futex resumed>) = 0 [pid 423] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 396] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] <... futex resumed>) = 0 [pid 396] <... futex resumed>) = 1 [pid 397] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 396] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] <... prlimit64 resumed>NULL) = 0 [pid 397] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 396] exit_group(0 [pid 397] <... futex resumed>) = ? [pid 396] <... exit_group resumed>) = ? [pid 397] +++ exited with 0 +++ [pid 396] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=396, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./2/binderfs") = 0 [pid 311] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 428 attached [pid 428] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 428] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 428] memfd_create("syzkaller", 0) = 3 [pid 428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./2/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./2") = 0 [pid 309] mkdir("./3", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 429 ./strace-static-x86_64: Process 429 attached [pid 429] set_robust_list(0x55555b716760, 24) = 0 [pid 429] chdir("./3") = 0 [pid 429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 429] setpgid(0, 0) = 0 [pid 429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 429] write(3, "1000", 4) = 4 [pid 429] close(3) = 0 [pid 429] symlink("/dev/binderfs", "./binderfs") = 0 [pid 429] write(1, "executing program\n", 18executing program ) = 18 [pid 429] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 429] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 429] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 429] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 429] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 429] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[430]}, 88) = 430 [pid 429] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 429] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 430 attached [pid 430] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 430] rt_sigprocmask(SIG_SETMASK, [], [pid 307] <... umount2 resumed>) = 0 [pid 430] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 307] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 430] memfd_create("syzkaller", 0) = 3 [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 307] newfstatat(AT_FDCWD, "./2/file0", [pid 430] <... mmap resumed>) = 0x7f5376fec000 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./2/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./2") = 0 [pid 307] mkdir("./3", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 431 ./strace-static-x86_64: Process 431 attached [pid 431] set_robust_list(0x55555b716760, 24) = 0 [pid 431] chdir("./3") = 0 [pid 431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 431] setpgid(0, 0) = 0 [pid 431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 431] write(3, "1000", 4) = 4 [pid 431] close(3) = 0 [pid 431] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 431] write(1, "executing program\n", 18) = 18 [pid 431] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 431] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 431] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 431] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 431] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 431] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[432]}, 88) = 432 [pid 431] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 431] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 431] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 432 attached [pid 432] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 432] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 432] memfd_create("syzkaller", 0) = 3 [pid 432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./2/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./2") = 0 [pid 311] mkdir("./3", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 433 ./strace-static-x86_64: Process 433 attached [pid 433] set_robust_list(0x55555b716760, 24) = 0 [pid 433] chdir("./3") = 0 [pid 433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 433] setpgid(0, 0) = 0 [pid 433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 433] write(3, "1000", 4) = 4 [pid 433] close(3) = 0 [pid 433] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 433] write(1, "executing program\n", 18) = 18 [pid 433] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 433] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 433] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 433] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 433] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 433] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 433] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[434]}, 88) = 434 [pid 433] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 433] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 433] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 434 attached [pid 434] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 434] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 434] memfd_create("syzkaller", 0) = 3 [pid 434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 428] <... write resumed>) = 20699119 [pid 428] munmap(0x7f5376fec000, 138412032) = 0 [pid 428] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 428] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 428] close(3) = 0 [pid 428] close(4) = 0 [pid 428] mkdir("./file0", 0777) = 0 [pid 428] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 432] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 426] <... write resumed>) = 20699119 [pid 426] munmap(0x7f5376fec000, 138412032) = 0 [pid 426] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 426] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 426] close(3) = 0 [pid 426] close(4) = 0 [ 43.604084][ T428] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 426] mkdir("./file0", 0777) = 0 [pid 426] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 43.659004][ T428] F2FS-fs (loop1): Found nat_bits in checkpoint [ 43.667870][ T426] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 434] munmap(0x7f5376fec000, 138412032) = 0 [pid 434] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 434] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 434] close(3) = 0 [pid 434] close(4) = 0 [pid 434] mkdir("./file0", 0777) = 0 [ 43.730075][ T426] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 434] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 430] <... write resumed>) = 20699119 [pid 430] munmap(0x7f5376fec000, 138412032) = 0 [pid 430] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 430] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 430] close(3) = 0 [pid 430] close(4) = 0 [pid 430] mkdir("./file0", 0777) = 0 [ 43.787068][ T434] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 43.798775][ T428] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 43.806414][ T428] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 43.813640][ T428] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 43.821429][ T434] F2FS-fs (loop4): Found nat_bits in checkpoint [ 43.823422][ T430] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 430] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 428] <... mount resumed>) = 0 [pid 428] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 428] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 428] ioctl(4, LOOP_CLR_FD) = 0 [pid 428] close(4) = 0 [pid 428] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 423] <... futex resumed>) = 0 [pid 428] fspick(AT_FDCWD, "./file0", 0 [pid 423] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 423] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... fspick resumed>) = 4 [pid 428] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 423] <... futex resumed>) = 0 [pid 423] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 423] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 432] <... write resumed>) = 20699119 [pid 428] <... fsconfig resumed>) = 0 [pid 432] munmap(0x7f5376fec000, 138412032 [pid 428] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 423] <... futex resumed>) = 0 [pid 428] openat(AT_FDCWD, "./file0", O_RDONLY [pid 423] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... openat resumed>) = 5 [pid 423] <... futex resumed>) = 0 [pid 423] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 423] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 428] <... futex resumed>) = 0 [pid 428] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 423] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 423] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... ioctl resumed>) = 0 [pid 428] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... munmap resumed>) = 0 [pid 428] <... futex resumed>) = 1 [pid 423] <... futex resumed>) = 0 [pid 428] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 423] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 428] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 423] <... futex resumed>) = 0 [pid 428] <... prlimit64 resumed>NULL) = 0 [pid 423] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 423] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 428] <... futex resumed>) = 0 [pid 428] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 423] exit_group(0 [pid 428] <... futex resumed>) = ? [pid 423] <... exit_group resumed>) = ? [pid 428] +++ exited with 0 +++ [pid 423] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=423, si_uid=0, si_status=0, si_utime=3, si_stime=18} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 432] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 43.837775][ T428] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 432] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 432] close(3) = 0 [pid 432] close(4 [pid 308] <... restart_syscall resumed>) = 0 [pid 426] <... mount resumed>) = 0 [pid 308] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./3/binderfs") = 0 [pid 308] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 43.886542][ T426] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 43.892784][ T434] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 43.894292][ T426] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 43.900487][ T434] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 43.906700][ T426] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 43.913429][ T434] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 43.919828][ T426] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 426] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 426] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 434] <... mount resumed>) = 0 [pid 432] <... close resumed>) = 0 [pid 426] <... openat resumed>) = 4 [pid 432] mkdir("./file0", 0777) = 0 [pid 432] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 434] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 426] ioctl(4, LOOP_CLR_FD [pid 434] <... openat resumed>) = 3 [pid 434] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 426] <... ioctl resumed>) = 0 [pid 434] <... openat resumed>) = 4 [pid 434] ioctl(4, LOOP_CLR_FD [pid 426] close(4 [pid 434] <... ioctl resumed>) = 0 [pid 426] <... close resumed>) = 0 [pid 434] close(4 [pid 426] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 434] <... close resumed>) = 0 [pid 426] <... futex resumed>) = 1 [pid 425] <... futex resumed>) = 0 [pid 426] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 434] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 425] <... futex resumed>) = 0 [pid 434] <... futex resumed>) = 1 [pid 433] <... futex resumed>) = 0 [pid 426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 434] fspick(AT_FDCWD, "./file0", 0 [pid 433] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] fspick(AT_FDCWD, "./file0", 0 [pid 425] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] <... fspick resumed>) = 4 [pid 433] <... futex resumed>) = 0 [pid 434] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... fspick resumed>) = 4 [pid 434] <... futex resumed>) = 0 [pid 433] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 434] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 433] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 434] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 433] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = 1 [pid 425] <... futex resumed>) = 0 [pid 434] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 433] <... futex resumed>) = 0 [pid 426] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 425] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 433] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 43.926488][ T434] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 43.938107][ T430] F2FS-fs (loop2): Found nat_bits in checkpoint [ 43.952688][ T432] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 43.965028][ T432] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 425] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] <... fsconfig resumed>) = 0 [pid 434] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 433] <... futex resumed>) = 0 [pid 434] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 433] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 434] openat(AT_FDCWD, "./file0", O_RDONLY [pid 433] <... futex resumed>) = 0 [pid 434] <... openat resumed>) = 5 [pid 433] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 433] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 434] <... futex resumed>) = 0 [pid 433] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 434] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 433] <... futex resumed>) = 0 [pid 433] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] <... ioctl resumed>) = 0 [pid 434] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 433] <... futex resumed>) = 0 [pid 434] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 433] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 434] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 434] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 433] <... futex resumed>) = 0 [pid 434] <... prlimit64 resumed>NULL) = 0 [pid 433] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 433] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 434] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 433] exit_group(0 [pid 434] <... futex resumed>) = 231 [pid 433] <... exit_group resumed>) = ? [pid 434] +++ exited with 0 +++ [pid 433] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=433, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./3/binderfs") = 0 [pid 311] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 425] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 425] futex(0x7f537f4dd6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3cb000 [pid 425] mprotect(0x7f537f3cc000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 425] rt_sigprocmask(SIG_BLOCK, ~[], [pid 426] <... fsconfig resumed>) = 0 [pid 425] <... rt_sigprocmask resumed>[], 8) = 0 [pid 426] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 425] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f3eb990, parent_tid=0x7f537f3eb990, exit_signal=0, stack=0x7f537f3cb000, stack_size=0x20240, tls=0x7f537f3eb6c0} [pid 426] <... futex resumed>) = 0 [pid 426] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... clone3 resumed> => {parent_tid=[457]}, 88) = 457 [pid 425] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 425] futex(0x7f537f4dd6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] futex(0x7f537f4dd6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 457 attached [pid 308] <... umount2 resumed>) = 0 [pid 457] set_robust_list(0x7f537f3eb9a0, 24 [ 44.032736][ T430] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 44.058510][ T430] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 44.063414][ T432] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 44.066381][ T430] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [pid 308] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 457] <... set_robust_list resumed>) = 0 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 430] <... mount resumed>) = 0 [pid 430] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 430] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 457] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 457] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 457] futex(0x7f537f4dd6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] futex(0x7f537f4dd6d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 308] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./3/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./3" [pid 425] <... futex resumed>) = 0 [pid 308] <... rmdir resumed>) = 0 [pid 425] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] mkdir("./4", 0777 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 426] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 425] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... mkdir resumed>) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 458 [pid 430] <... openat resumed>) = 4 [pid 430] ioctl(4, LOOP_CLR_FD) = 0 [pid 430] close(4) = 0 [pid 430] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 430] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 426] <... ioctl resumed>) = 0 [pid 426] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 425] <... futex resumed>) = 0 [pid 426] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 425] <... futex resumed>) = 0 [pid 426] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 425] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] <... prlimit64 resumed>NULL) = 0 [pid 426] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 425] <... futex resumed>) = 0 [pid 426] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] exit_group(0 [pid 457] <... futex resumed>) = ? [pid 425] <... exit_group resumed>) = ? [pid 457] +++ exited with 0 +++ [pid 426] <... futex resumed>) = ? [pid 426] +++ exited with 0 +++ [pid 425] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=425, si_uid=0, si_status=0, si_utime=3, si_stime=16} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./3/binderfs") = 0 [pid 310] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 458 attached [pid 432] <... mount resumed>) = 0 [pid 430] <... fsconfig resumed>) = 0 [pid 458] set_robust_list(0x55555b716760, 24 [pid 432] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 458] <... set_robust_list resumed>) = 0 [pid 458] chdir("./4" [pid 432] <... openat resumed>) = 3 [pid 430] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... chdir resumed>) = 0 [pid 432] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 458] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 432] <... openat resumed>) = 4 [pid 430] <... futex resumed>) = 1 [pid 429] <... futex resumed>) = 0 [pid 458] <... prctl resumed>) = 0 [pid 458] setpgid(0, 0 [pid 432] ioctl(4, LOOP_CLR_FD [pid 430] openat(AT_FDCWD, "./file0", O_RDONLY [pid 429] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... setpgid resumed>) = 0 [pid 458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 432] <... ioctl resumed>) = 0 [pid 430] <... openat resumed>) = 5 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 458] <... openat resumed>) = 3 [pid 432] close(4 [pid 458] write(3, "1000", 4 [pid 432] <... close resumed>) = 0 [pid 430] <... futex resumed>) = 0 [pid 429] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 430] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 430] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 429] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... ioctl resumed>) = 0 [pid 458] <... write resumed>) = 4 [pid 458] close(3 [pid 432] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... close resumed>) = 0 [pid 432] <... futex resumed>) = 1 [pid 431] <... futex resumed>) = 0 [pid 430] <... futex resumed>) = 1 [pid 429] <... futex resumed>) = 0 [pid 458] symlink("/dev/binderfs", "./binderfs" [pid 432] fspick(AT_FDCWD, "./file0", 0 [pid 431] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 458] <... symlink resumed>) = 0 [pid 432] <... fspick resumed>) = 4 [pid 431] <... futex resumed>) = 0 [pid 430] prlimit64(0, RLIMIT_RTPRIO, NULL, executing program [pid 429] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 458] write(1, "executing program\n", 18 [pid 432] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 431] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... prlimit64 resumed>NULL) = 0 [pid 458] <... write resumed>) = 18 [pid 432] <... futex resumed>) = 0 [pid 431] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 430] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 431] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = 1 [pid 429] <... futex resumed>) = 0 [pid 458] <... futex resumed>) = 0 [pid 431] <... futex resumed>) = 0 [pid 430] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] exit_group(0 [pid 458] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 431] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = ? [pid 429] <... exit_group resumed>) = ? [pid 458] <... rt_sigaction resumed>NULL, 8) = 0 [pid 430] +++ exited with 0 +++ [pid 429] +++ exited with 0 +++ [pid 458] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=429, si_uid=0, si_status=0, si_utime=5, si_stime=23} --- [pid 458] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 458] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 458] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 432] <... fsconfig resumed>) = 0 [pid 458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 432] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 458] <... clone3 resumed> => {parent_tid=[463]}, 88) = 463 [pid 431] <... futex resumed>) = 0 [pid 432] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] rt_sigprocmask(SIG_SETMASK, [], [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 431] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 432] openat(AT_FDCWD, "./file0", O_RDONLY [pid 431] <... futex resumed>) = 0 [pid 458] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] <... openat resumed>) = 5 [pid 431] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 458] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 432] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 431] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 431] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 431] <... futex resumed>) = 0 [pid 431] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 463 attached [pid 463] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 432] <... ioctl resumed>) = 0 [pid 432] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 431] <... futex resumed>) = 0 [pid 432] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 309] <... restart_syscall resumed>) = 0 [pid 431] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 431] <... futex resumed>) = 0 [pid 432] <... prlimit64 resumed>NULL) = 0 [pid 431] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 432] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 431] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 431] exit_group(0) = ? [pid 432] <... futex resumed>) = -1 (errno 18446744073709551555) [pid 309] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 432] +++ exited with 0 +++ [pid 431] +++ exited with 0 +++ [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=431, si_uid=0, si_status=0, si_utime=2, si_stime=15} --- [pid 309] getdents64(3, [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./3/binderfs") = 0 [pid 309] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 463] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 463] memfd_create("syzkaller", 0 [pid 307] <... restart_syscall resumed>) = 0 [pid 307] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 44.072548][ T432] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 44.080110][ T430] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 44.085847][ T432] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 44.104605][ T432] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 307] unlink("./3/binderfs") = 0 [pid 307] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 463] <... memfd_create resumed>) = 3 [pid 463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./3/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./3") = 0 [pid 311] mkdir("./4", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./3/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./3") = 0 [pid 310] mkdir("./4", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 311] <... openat resumed>) = 3 [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 310] close(3 [pid 311] close(3) = 0 [pid 310] <... close resumed>) = 0 [pid 463] <... write resumed>) = 20699119 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 465 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 464 ./strace-static-x86_64: Process 465 attached ./strace-static-x86_64: Process 464 attached [pid 463] munmap(0x7f5376fec000, 138412032 [pid 464] set_robust_list(0x55555b716760, 24 [pid 465] set_robust_list(0x55555b716760, 24) = 0 [pid 465] chdir("./4" [pid 464] <... set_robust_list resumed>) = 0 [pid 463] <... munmap resumed>) = 0 [pid 464] chdir("./4" [pid 463] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 464] <... chdir resumed>) = 0 [pid 463] <... openat resumed>) = 4 [pid 464] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 463] ioctl(4, LOOP_SET_FD, 3 [pid 464] <... prctl resumed>) = 0 [pid 464] setpgid(0, 0 [pid 465] <... chdir resumed>) = 0 [pid 465] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 464] <... setpgid resumed>) = 0 [pid 464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 465] setpgid(0, 0 [pid 464] <... openat resumed>) = 3 [pid 464] write(3, "1000", 4) = 4 [pid 464] close(3) = 0 [pid 465] <... setpgid resumed>) = 0 [pid 464] symlink("/dev/binderfs", "./binderfs" [pid 465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 464] <... symlink resumed>) = 0 executing program [pid 464] write(1, "executing program\n", 18) = 18 [pid 464] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 464] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 464] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 464] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 465] <... openat resumed>) = 3 [pid 464] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 464] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 465] write(3, "1000", 4 [pid 464] <... clone3 resumed> => {parent_tid=[467]}, 88) = 467 [pid 464] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 464] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 465] <... write resumed>) = 4 [pid 465] close(3) = 0 [pid 465] symlink("/dev/binderfs", "./binderfs") = 0 [pid 465] write(1, "executing program\n", 18executing program ) = 18 [pid 465] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 465] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 465] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 465] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 465] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 465] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 465] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[468]}, 88) = 468 [pid 465] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 465] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 465] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 468 attached [pid 468] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 468] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 468] memfd_create("syzkaller", 0) = 3 [pid 468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 467 attached [pid 463] <... ioctl resumed>) = 0 [pid 467] set_robust_list(0x7f537f40c9a0, 24 [pid 463] close(3 [pid 467] <... set_robust_list resumed>) = 0 [pid 463] <... close resumed>) = 0 [pid 467] rt_sigprocmask(SIG_SETMASK, [], [pid 463] close(4 [pid 467] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 467] memfd_create("syzkaller", 0) = 3 [pid 467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 463] <... close resumed>) = 0 [pid 463] mkdir("./file0", 0777) = 0 [pid 463] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./3/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./3") = 0 [pid 307] mkdir("./4", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3 [pid 467] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 307] <... close resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 471 [ 44.377822][ T463] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root ./strace-static-x86_64: Process 471 attached [pid 471] set_robust_list(0x55555b716760, 24) = 0 [pid 471] chdir("./4") = 0 [pid 471] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 471] setpgid(0, 0) = 0 [pid 471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 471] write(3, "1000", 4) = 4 [pid 471] close(3) = 0 [pid 471] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 471] write(1, "executing program\n", 18) = 18 [pid 471] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 471] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 471] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 471] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 471] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 471] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 471] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[472]}, 88) = 472 [pid 471] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 471] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 471] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 472 attached [pid 472] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 472] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 472] memfd_create("syzkaller", 0) = 3 [pid 472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./3/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./3") = 0 [pid 309] mkdir("./4", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 473 ./strace-static-x86_64: Process 473 attached [pid 473] set_robust_list(0x55555b716760, 24) = 0 [ 44.448080][ T463] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 473] chdir("./4") = 0 [pid 473] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 473] setpgid(0, 0) = 0 [pid 473] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 473] write(3, "1000", 4) = 4 [pid 473] close(3) = 0 [pid 473] symlink("/dev/binderfs", "./binderfs") = 0 [pid 473] write(1, "executing program\n", 18executing program ) = 18 [pid 473] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 473] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 473] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 473] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 473] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 473] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 473] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[474]}, 88) = 474 [pid 473] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 473] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 473] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 474 attached [pid 474] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 474] rt_sigprocmask(SIG_SETMASK, [], [pid 468] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 474] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 474] memfd_create("syzkaller", 0) = 3 [pid 474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 463] <... mount resumed>) = 0 [pid 463] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 463] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 463] ioctl(4, LOOP_CLR_FD) = 0 [pid 463] close(4) = 0 [pid 463] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... futex resumed>) = 0 [pid 463] <... futex resumed>) = 1 [pid 458] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] fspick(AT_FDCWD, "./file0", 0 [pid 458] <... futex resumed>) = 0 [pid 463] <... fspick resumed>) = 4 [pid 458] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 463] <... futex resumed>) = 0 [pid 458] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 458] <... futex resumed>) = 0 [pid 458] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... fsconfig resumed>) = 0 [pid 463] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 458] <... futex resumed>) = 0 [pid 463] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 458] <... futex resumed>) = 0 [pid 463] openat(AT_FDCWD, "./file0", O_RDONLY [pid 458] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... openat resumed>) = 5 [pid 463] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 458] <... futex resumed>) = 0 [pid 463] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 458] <... futex resumed>) = 0 [pid 463] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [ 44.520180][ T463] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 44.527137][ T463] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 44.535421][ T463] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 44.544383][ T463] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 458] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... ioctl resumed>) = 0 [pid 463] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 458] <... futex resumed>) = 0 [pid 463] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 458] <... futex resumed>) = 0 [pid 463] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 458] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... prlimit64 resumed>NULL) = 0 [pid 463] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 458] <... futex resumed>) = 0 [pid 463] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] exit_group(0 [pid 463] <... futex resumed>) = ? [pid 458] <... exit_group resumed>) = ? [pid 463] +++ exited with 0 +++ [pid 458] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=458, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./4/binderfs") = 0 [pid 308] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 472] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 467] <... write resumed>) = 20699119 [pid 467] munmap(0x7f5376fec000, 138412032) = 0 [pid 467] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 467] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 467] close(3) = 0 [pid 467] close(4) = 0 [pid 467] mkdir("./file0", 0777) = 0 [pid 467] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 468] <... write resumed>) = 20699119 [pid 468] munmap(0x7f5376fec000, 138412032) = 0 [pid 468] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 468] ioctl(4, LOOP_SET_FD, 3 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./4/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./4") = 0 [pid 308] mkdir("./5", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 472] <... write resumed>) = 20699119 [ 44.744407][ T467] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 472] munmap(0x7f5376fec000, 138412032 [pid 468] <... ioctl resumed>) = 0 [pid 472] <... munmap resumed>) = 0 [pid 472] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 468] close(3) = 0 [pid 472] <... openat resumed>) = 4 [pid 468] close(4) = 0 [pid 472] ioctl(4, LOOP_SET_FD, 3 [pid 468] mkdir("./file0", 0777) = 0 [pid 468] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 474] <... write resumed>) = 20699119 [pid 474] munmap(0x7f5376fec000, 138412032 [pid 472] <... ioctl resumed>) = 0 [pid 472] close(3) = 0 [pid 472] close(4 [pid 308] <... openat resumed>) = 3 [pid 474] <... munmap resumed>) = 0 [pid 472] <... close resumed>) = 0 [pid 308] ioctl(3, LOOP_CLR_FD [pid 472] mkdir("./file0", 0777 [pid 474] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 472] <... mkdir resumed>) = 0 [pid 308] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 472] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 474] <... openat resumed>) = 4 [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 474] ioctl(4, LOOP_SET_FD, 3 [pid 308] <... clone resumed>, child_tidptr=0x55555b716750) = 482 ./strace-static-x86_64: Process 482 attached [pid 482] set_robust_list(0x55555b716760, 24) = 0 [pid 482] chdir("./5") = 0 [pid 482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 482] setpgid(0, 0) = 0 [pid 482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 482] write(3, "1000", 4) = 4 [pid 482] close(3) = 0 [pid 482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 482] write(1, "executing program\n", 18executing program ) = 18 [pid 482] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 482] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 482] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 482] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 482] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 482] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 482] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[484]}, 88) = 484 [pid 482] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 482] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 482] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 484 attached [pid 474] <... ioctl resumed>) = 0 [pid 484] set_robust_list(0x7f537f40c9a0, 24 [pid 474] close(3 [pid 484] <... set_robust_list resumed>) = 0 [pid 474] <... close resumed>) = 0 [pid 484] rt_sigprocmask(SIG_SETMASK, [], [pid 474] close(4 [pid 484] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 474] <... close resumed>) = 0 [pid 474] mkdir("./file0", 0777 [pid 484] memfd_create("syzkaller", 0 [pid 474] <... mkdir resumed>) = 0 [pid 484] <... memfd_create resumed>) = 3 [ 44.799829][ T467] F2FS-fs (loop3): Found nat_bits in checkpoint [ 44.817601][ T468] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 44.829443][ T472] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 474] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 44.848033][ T474] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 44.869707][ T472] F2FS-fs (loop0): Found nat_bits in checkpoint [ 44.876138][ T468] F2FS-fs (loop4): Found nat_bits in checkpoint [ 44.884177][ T474] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 472] <... mount resumed>) = 0 [pid 472] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 472] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 472] ioctl(4, LOOP_CLR_FD) = 0 [pid 472] close(4) = 0 [pid 472] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 471] <... futex resumed>) = 0 [pid 472] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 471] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 472] fspick(AT_FDCWD, "./file0", 0 [pid 471] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 472] <... fspick resumed>) = 4 [pid 472] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 471] <... futex resumed>) = 0 [pid 472] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 471] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 472] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 44.922289][ T467] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 44.925353][ T472] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 44.935265][ T472] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 44.941786][ T472] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 44.948869][ T472] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 44.957723][ T467] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 44.964642][ T467] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [pid 471] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 472] <... fsconfig resumed>) = 0 [pid 467] <... mount resumed>) = 0 [pid 467] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 472] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 471] <... futex resumed>) = 0 [pid 472] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 471] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 472] openat(AT_FDCWD, "./file0", O_RDONLY [pid 471] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 472] <... openat resumed>) = 5 [pid 472] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 467] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 467] ioctl(4, LOOP_CLR_FD) = 0 [pid 467] close(4 [pid 474] <... mount resumed>) = 0 [pid 472] <... futex resumed>) = 1 [pid 471] <... futex resumed>) = 0 [pid 474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 472] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 471] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 474] <... openat resumed>) = 3 [pid 472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 474] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 472] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 471] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 474] <... openat resumed>) = 4 [pid 474] ioctl(4, LOOP_CLR_FD) = 0 [pid 472] <... ioctl resumed>) = 0 [pid 474] close(4 [pid 472] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 474] <... close resumed>) = 0 [pid 472] <... futex resumed>) = 1 [pid 471] <... futex resumed>) = 0 [pid 474] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 472] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 471] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 474] <... futex resumed>) = 1 [pid 473] <... futex resumed>) = 0 [pid 472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 474] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 473] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 472] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 471] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 474] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 473] <... futex resumed>) = 0 [pid 472] <... prlimit64 resumed>NULL) = 0 [pid 474] fspick(AT_FDCWD, "./file0", 0 [pid 473] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 472] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 474] <... fspick resumed>) = 4 [pid 472] <... futex resumed>) = 1 [pid 471] <... futex resumed>) = 0 [pid 474] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 472] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 471] exit_group(0 [pid 474] <... futex resumed>) = 1 [pid 473] <... futex resumed>) = 0 [pid 474] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 473] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 472] <... futex resumed>) = ? [pid 471] <... exit_group resumed>) = ? [pid 474] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 473] <... futex resumed>) = 0 [pid 472] +++ exited with 0 +++ [pid 471] +++ exited with 0 +++ [pid 474] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 473] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=471, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 307] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, [pid 474] <... fsconfig resumed>) = 0 [pid 307] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 474] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 474] <... futex resumed>) = 1 [pid 473] <... futex resumed>) = 0 [pid 474] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 473] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 474] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 473] <... futex resumed>) = 0 [pid 307] newfstatat(AT_FDCWD, "./4/binderfs", [pid 474] openat(AT_FDCWD, "./file0", O_RDONLY [pid 473] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 474] <... openat resumed>) = 5 [pid 307] unlink("./4/binderfs" [pid 474] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 473] <... futex resumed>) = 0 [pid 307] <... unlink resumed>) = 0 [pid 474] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 473] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 474] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 473] <... futex resumed>) = 0 [pid 467] <... close resumed>) = 0 [pid 473] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 467] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 464] <... futex resumed>) = 0 [pid 464] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 467] <... futex resumed>) = 1 [pid 467] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 467] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 467] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 464] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 474] <... ioctl resumed>) = 0 [pid 474] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 473] <... futex resumed>) = 0 [pid 474] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 473] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 474] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 473] <... futex resumed>) = 0 [pid 474] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 473] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 474] <... prlimit64 resumed>NULL) = 0 [pid 474] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 473] <... futex resumed>) = 0 [pid 474] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 473] exit_group(0 [pid 474] <... futex resumed>) = ? [pid 473] <... exit_group resumed>) = ? [pid 474] +++ exited with 0 +++ [pid 473] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=473, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 44.982923][ T467] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 44.987905][ T474] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 44.998845][ T474] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 45.006789][ T474] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 45.014056][ T474] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 309] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 484] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 467] <... fsconfig resumed>) = 0 [pid 309] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 467] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 467] <... futex resumed>) = 1 [pid 464] <... futex resumed>) = 0 [pid 309] newfstatat(AT_FDCWD, "./4/binderfs", [pid 467] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 467] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 309] unlink("./4/binderfs" [pid 467] openat(AT_FDCWD, "./file0", O_RDONLY [pid 464] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 309] <... unlink resumed>) = 0 [pid 467] <... openat resumed>) = 5 [pid 309] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 467] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 467] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 467] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 467] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 464] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 467] <... ioctl resumed>) = 0 [pid 467] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 467] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 467] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 467] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 464] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 467] <... prlimit64 resumed>NULL) = 0 [pid 467] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 467] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] exit_group(0 [pid 467] <... futex resumed>) = ? [pid 464] <... exit_group resumed>) = ? [pid 467] +++ exited with 0 +++ [pid 464] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=464, si_uid=0, si_status=0, si_utime=2, si_stime=22} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./4/binderfs") = 0 [ 45.080984][ T468] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 45.089860][ T468] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 45.097398][ T468] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [pid 310] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 468] <... mount resumed>) = 0 [pid 468] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 468] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./4/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./4") = 0 [pid 307] mkdir("./5", 0777) = 0 [ 45.129723][ T468] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 468] <... openat resumed>) = 4 [pid 468] ioctl(4, LOOP_CLR_FD) = 0 [pid 468] close(4 [pid 307] <... openat resumed>) = 3 [pid 468] <... close resumed>) = 0 [pid 307] ioctl(3, LOOP_CLR_FD [pid 468] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 468] <... futex resumed>) = 1 [pid 465] <... futex resumed>) = 0 [pid 307] close(3 [pid 468] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 465] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 468] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 465] <... futex resumed>) = 0 [pid 307] <... close resumed>) = 0 [pid 468] fspick(AT_FDCWD, "./file0", 0 [pid 465] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 468] <... fspick resumed>) = 4 [pid 468] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 465] <... futex resumed>) = 0 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 498 [pid 468] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 465] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 468] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 465] <... futex resumed>) = 0 [pid 468] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 465] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 498 attached [pid 498] set_robust_list(0x55555b716760, 24) = 0 [pid 498] chdir("./5") = 0 [pid 498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 498] setpgid(0, 0) = 0 [pid 498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 498] write(3, "1000", 4) = 4 [pid 498] close(3) = 0 [pid 498] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 498] write(1, "executing program\n", 18) = 18 [pid 498] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 498] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 484] <... write resumed>) = 20699119 [pid 498] <... rt_sigaction resumed>NULL, 8) = 0 [pid 468] <... fsconfig resumed>) = 0 [pid 498] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 468] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 498] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 468] <... futex resumed>) = 1 [pid 498] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 468] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 465] <... futex resumed>) = 0 [pid 498] <... mmap resumed>) = 0x7f537f3ec000 [pid 465] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 498] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 468] <... futex resumed>) = 0 [pid 465] <... futex resumed>) = 1 [pid 498] <... mprotect resumed>) = 0 [pid 468] openat(AT_FDCWD, "./file0", O_RDONLY [pid 465] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 498] rt_sigprocmask(SIG_BLOCK, ~[], [pid 484] munmap(0x7f5376fec000, 138412032 [pid 468] <... openat resumed>) = 5 [pid 498] <... rt_sigprocmask resumed>[], 8) = 0 [pid 468] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 498] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 468] <... futex resumed>) = 1 [pid 465] <... futex resumed>) = 0 [pid 484] <... munmap resumed>) = 0 [pid 468] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 465] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 498] <... clone3 resumed> => {parent_tid=[501]}, 88) = 501 [pid 468] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 465] <... futex resumed>) = 0 [pid 498] rt_sigprocmask(SIG_SETMASK, [], [pid 468] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 465] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 498] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 498] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 484] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 498] <... futex resumed>) = 0 [pid 498] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 484] <... openat resumed>) = 4 [pid 468] <... ioctl resumed>) = 0 [pid 484] ioctl(4, LOOP_SET_FD, 3 [pid 468] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 501 attached ) = 1 [pid 465] <... futex resumed>) = 0 [pid 468] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 465] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] set_robust_list(0x7f537f40c9a0, 24 [pid 468] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 465] <... futex resumed>) = 0 [pid 468] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 465] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 468] <... prlimit64 resumed>NULL) = 0 [pid 501] <... set_robust_list resumed>) = 0 [pid 468] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] rt_sigprocmask(SIG_SETMASK, [], [pid 309] <... umount2 resumed>) = 0 [pid 468] <... futex resumed>) = 1 [pid 465] <... futex resumed>) = 0 [pid 501] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 484] <... ioctl resumed>) = 0 [pid 468] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 465] exit_group(0 [pid 309] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 501] memfd_create("syzkaller", 0 [pid 484] close(3 [pid 468] <... futex resumed>) = ? [pid 465] <... exit_group resumed>) = ? [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 501] <... memfd_create resumed>) = 3 [pid 468] +++ exited with 0 +++ [pid 484] <... close resumed>) = 0 [pid 484] close(4 [pid 501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 484] <... close resumed>) = 0 [pid 465] +++ exited with 0 +++ [pid 309] newfstatat(AT_FDCWD, "./4/file0", [pid 501] <... mmap resumed>) = 0x7f5376fec000 [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=465, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 484] mkdir("./file0", 0777 [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 484] <... mkdir resumed>) = 0 [pid 484] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] <... restart_syscall resumed>) = 0 [pid 309] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 309] <... openat resumed>) = 4 [pid 311] <... openat resumed>) = 3 [pid 309] newfstatat(4, "", [pid 311] newfstatat(3, "", [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] getdents64(4, [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] newfstatat(AT_FDCWD, "./4/binderfs", [pid 309] close(4 [pid 311] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] <... close resumed>) = 0 [pid 311] unlink("./4/binderfs" [pid 309] rmdir("./4/file0" [pid 311] <... unlink resumed>) = 0 [pid 309] <... rmdir resumed>) = 0 [pid 311] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./4") = 0 [pid 309] mkdir("./5", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 503 ./strace-static-x86_64: Process 503 attached [pid 503] set_robust_list(0x55555b716760, 24) = 0 [pid 503] chdir("./5") = 0 [pid 503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 503] setpgid(0, 0) = 0 [pid 503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 503] write(3, "1000", 4) = 4 [pid 503] close(3) = 0 [pid 503] symlink("/dev/binderfs", "./binderfs") = 0 [pid 503] write(1, "executing program\n", 18executing program ) = 18 [pid 503] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... umount2 resumed>) = 0 [ 45.240286][ T484] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 310] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./4/file0" [pid 503] <... futex resumed>) = 0 [pid 310] <... rmdir resumed>) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./4" [pid 503] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 310] <... rmdir resumed>) = 0 [pid 310] mkdir("./5", 0777 [pid 503] <... rt_sigaction resumed>NULL, 8) = 0 [pid 503] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 310] <... mkdir resumed>) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 503] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 503] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 503] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 503] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 503] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[505]}, 88) = 505 [pid 503] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 503] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 503] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 505 attached [pid 505] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 505] rt_sigprocmask(SIG_SETMASK, [], [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 507 [pid 505] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 505] memfd_create("syzkaller", 0) = 3 [pid 505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 507 attached [pid 507] set_robust_list(0x55555b716760, 24) = 0 [pid 507] chdir("./5") = 0 [pid 507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 507] setpgid(0, 0) = 0 [pid 507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 507] write(3, "1000", 4) = 4 [pid 507] close(3) = 0 [pid 507] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 507] write(1, "executing program\n", 18) = 18 [pid 507] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 507] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 507] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 507] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 507] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 507] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 507] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[508]}, 88) = 508 [pid 507] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 507] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 507] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 508 attached [pid 508] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 508] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 508] memfd_create("syzkaller", 0) = 3 [pid 508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 311] <... umount2 resumed>) = 0 [ 45.294759][ T484] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 311] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./4/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./4") = 0 [pid 311] mkdir("./5", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 509 [pid 501] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 509 attached [pid 509] set_robust_list(0x55555b716760, 24) = 0 [pid 509] chdir("./5") = 0 [pid 509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 509] setpgid(0, 0) = 0 [pid 509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 509] write(3, "1000", 4) = 4 [pid 509] close(3) = 0 [pid 509] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 509] write(1, "executing program\n", 18) = 18 [pid 509] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 509] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 509] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 509] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 509] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 509] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[510]}, 88) = 510 [pid 509] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 509] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 510 attached [pid 510] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 510] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 510] memfd_create("syzkaller", 0) = 3 [pid 510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 501] <... write resumed>) = 20699119 [pid 501] munmap(0x7f5376fec000, 138412032) = 0 [pid 501] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 501] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 501] close(3) = 0 [pid 501] close(4) = 0 [pid 510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 501] mkdir("./file0", 0777) = 0 [ 45.480514][ T484] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 45.507992][ T484] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 45.519947][ T484] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [pid 501] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 484] <... mount resumed>) = 0 [pid 484] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 484] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 505] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 508] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 484] <... openat resumed>) = 4 [ 45.528273][ T484] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 484] ioctl(4, LOOP_CLR_FD) = 0 [pid 484] close(4) = 0 [pid 484] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 482] <... futex resumed>) = 0 [pid 484] fspick(AT_FDCWD, "./file0", 0 [pid 482] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 510] <... write resumed>) = 20699119 [pid 484] <... fspick resumed>) = 4 [pid 482] <... futex resumed>) = 0 [pid 484] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 482] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 510] munmap(0x7f5376fec000, 138412032 [pid 484] <... futex resumed>) = 0 [pid 482] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 510] <... munmap resumed>) = 0 [pid 484] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 482] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 510] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 482] <... futex resumed>) = 0 [pid 510] ioctl(4, LOOP_SET_FD, 3 [pid 482] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 510] <... ioctl resumed>) = 0 [pid 510] close(3) = 0 [pid 510] close(4 [pid 484] <... fsconfig resumed>) = 0 [pid 484] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 482] <... futex resumed>) = 0 [pid 484] openat(AT_FDCWD, "./file0", O_RDONLY [pid 482] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 484] <... openat resumed>) = 5 [pid 482] <... futex resumed>) = 0 [pid 484] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 482] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 484] <... futex resumed>) = 0 [pid 482] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 484] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 482] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 484] <... ioctl resumed>) = 0 [pid 482] <... futex resumed>) = 0 [pid 484] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 482] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 484] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 482] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 482] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 484] <... futex resumed>) = 0 [pid 482] <... futex resumed>) = 1 [pid 484] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 482] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 484] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 482] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 484] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 482] exit_group(0 [pid 484] <... futex resumed>) = ? [pid 482] <... exit_group resumed>) = ? [pid 484] +++ exited with 0 +++ [pid 482] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=482, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./5/binderfs") = 0 [pid 308] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 510] <... close resumed>) = 0 [pid 510] mkdir("./file0", 0777) = 0 [ 45.601800][ T501] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 45.630278][ T501] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 510] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 508] <... write resumed>) = 20699119 [pid 508] munmap(0x7f5376fec000, 138412032) = 0 [pid 508] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 505] <... write resumed>) = 20699119 [pid 505] munmap(0x7f5376fec000, 138412032) = 0 [pid 505] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 501] <... mount resumed>) = 0 [pid 501] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 501] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 501] ioctl(4, LOOP_CLR_FD) = 0 [pid 501] close(4) = 0 [pid 501] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 498] <... futex resumed>) = 0 [pid 501] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 508] <... openat resumed>) = 4 [pid 498] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] ioctl(4, LOOP_SET_FD, 3 [pid 498] <... futex resumed>) = 1 [pid 501] <... futex resumed>) = 0 [pid 498] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 501] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 501] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] <... ioctl resumed>) = 0 [pid 508] close(3 [pid 498] <... futex resumed>) = 0 [pid 498] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 498] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 501] <... futex resumed>) = 1 [pid 501] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 508] <... close resumed>) = 0 [ 45.714499][ T501] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 45.722285][ T501] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 45.728770][ T501] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 45.735546][ T501] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 508] close(4) = 0 [pid 508] mkdir("./file0", 0777 [pid 501] <... fsconfig resumed>) = 0 [pid 501] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 498] <... futex resumed>) = 0 [pid 501] openat(AT_FDCWD, "./file0", O_RDONLY [pid 498] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... openat resumed>) = 5 [pid 498] <... futex resumed>) = 0 [pid 501] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 498] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 501] <... futex resumed>) = 0 [pid 498] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 501] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 498] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 498] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 501] <... ioctl resumed>) = 0 [pid 508] <... mkdir resumed>) = 0 [pid 501] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 501] <... futex resumed>) = 1 [pid 498] <... futex resumed>) = 0 [pid 501] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 498] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... prlimit64 resumed>NULL) = 0 [pid 498] <... futex resumed>) = 0 [pid 501] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 498] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 501] <... futex resumed>) = 0 [pid 498] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 501] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 498] exit_group(0 [pid 501] <... futex resumed>) = ? [pid 498] <... exit_group resumed>) = ? [pid 501] +++ exited with 0 +++ [pid 498] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=498, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./5/binderfs") = 0 [pid 307] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 505] <... openat resumed>) = 4 [pid 505] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 505] close(3) = 0 [pid 505] close(4 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./5/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./5") = 0 [pid 308] mkdir("./6", 0777) = 0 [ 45.757814][ T510] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 45.776899][ T508] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 45.797984][ T510] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 505] <... close resumed>) = 0 [pid 505] mkdir("./file0", 0777 [pid 308] <... openat resumed>) = 3 [pid 505] <... mkdir resumed>) = 0 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 505] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 525 ./strace-static-x86_64: Process 525 attached [pid 525] set_robust_list(0x55555b716760, 24) = 0 [pid 525] chdir("./6") = 0 [ 45.816457][ T508] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 525] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 525] setpgid(0, 0) = 0 [pid 525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 525] write(3, "1000", 4) = 4 [pid 525] close(3) = 0 [pid 525] symlink("/dev/binderfs", "./binderfs") = 0 [pid 525] write(1, "executing program\n", 18executing program ) = 18 [pid 525] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 525] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 525] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 525] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 525] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 525] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 525] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[526]}, 88) = 526 [pid 525] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 525] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 525] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 526 attached [pid 526] set_robust_list(0x7f537f40c9a0, 24 [pid 508] <... mount resumed>) = 0 [pid 526] <... set_robust_list resumed>) = 0 [pid 508] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 526] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 508] <... openat resumed>) = 3 [pid 526] memfd_create("syzkaller", 0 [pid 508] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 526] <... memfd_create resumed>) = 3 [pid 508] <... openat resumed>) = 4 [pid 526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 508] ioctl(4, LOOP_CLR_FD [pid 526] <... mmap resumed>) = 0x7f5376fec000 [pid 508] <... ioctl resumed>) = 0 [ 45.867536][ T508] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 45.874014][ T508] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 45.881500][ T508] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 45.882065][ T510] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 45.888110][ T508] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 45.902975][ T510] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 45.910215][ T510] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [pid 508] close(4) = 0 [pid 508] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 507] <... futex resumed>) = 0 [pid 508] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 507] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 507] <... futex resumed>) = 0 [pid 508] fspick(AT_FDCWD, "./file0", 0 [pid 507] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 508] <... fspick resumed>) = 4 [pid 508] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 507] <... futex resumed>) = 0 [pid 508] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 507] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 507] <... futex resumed>) = 0 [pid 508] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 507] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 508] <... fsconfig resumed>) = 0 [pid 508] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 507] <... futex resumed>) = 0 [pid 508] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 507] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 507] <... futex resumed>) = 0 [pid 508] openat(AT_FDCWD, "./file0", O_RDONLY [pid 507] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 508] <... openat resumed>) = 5 [pid 508] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 507] <... futex resumed>) = 0 [pid 508] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 507] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 507] <... futex resumed>) = 0 [pid 508] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 507] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 508] <... ioctl resumed>) = 0 [pid 508] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 507] <... futex resumed>) = 0 [pid 508] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 507] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 508] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 507] <... futex resumed>) = 0 [pid 508] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 507] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 508] <... prlimit64 resumed>NULL) = 0 [pid 508] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 507] <... futex resumed>) = 0 [pid 508] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 507] exit_group(0 [pid 508] <... futex resumed>) = ? [pid 507] <... exit_group resumed>) = ? [pid 508] +++ exited with 0 +++ [pid 507] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=507, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 310] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./5/binderfs") = 0 [ 45.918216][ T510] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 45.929529][ T505] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 310] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 510] <... mount resumed>) = 0 [pid 510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 510] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 307] <... umount2 resumed>) = 0 [pid 526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 307] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 510] <... openat resumed>) = 4 [ 45.959455][ T505] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 510] ioctl(4, LOOP_CLR_FD) = 0 [pid 510] close(4) = 0 [pid 510] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 510] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 510] <... futex resumed>) = 0 [pid 509] <... futex resumed>) = 1 [pid 510] fspick(AT_FDCWD, "./file0", 0 [pid 509] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 510] <... fspick resumed>) = 4 [pid 510] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 510] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 509] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./5/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./5") = 0 [pid 307] mkdir("./6", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 534 [pid 510] <... fsconfig resumed>) = 0 [pid 510] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 510] openat(AT_FDCWD, "./file0", O_RDONLY [pid 509] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 510] <... openat resumed>) = 5 [pid 509] <... futex resumed>) = 0 [pid 510] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 509] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 510] <... futex resumed>) = 0 [pid 509] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 510] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 509] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 534 attached [pid 510] <... ioctl resumed>) = 0 [pid 510] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 510] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 509] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 510] <... prlimit64 resumed>NULL) = 0 [pid 509] <... futex resumed>) = 0 [pid 510] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 509] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 510] <... futex resumed>) = 0 [pid 509] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 510] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] exit_group(0 [pid 510] <... futex resumed>) = ? [pid 509] <... exit_group resumed>) = ? [pid 510] +++ exited with 0 +++ [pid 534] set_robust_list(0x55555b716760, 24) = 0 [pid 509] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=509, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 534] chdir("./6") = 0 [pid 534] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 534] setpgid(0, 0) = 0 [pid 534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 534] write(3, "1000", 4) = 4 [pid 534] close(3) = 0 [pid 534] symlink("/dev/binderfs", "./binderfs" [pid 311] <... restart_syscall resumed>) = 0 [pid 311] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./5/binderfs") = 0 [pid 311] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 534] <... symlink resumed>) = 0 [ 46.023407][ T505] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 46.039329][ T505] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 46.046298][ T505] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [pid 534] write(1, "executing program\n", 18executing program ) = 18 [pid 534] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 534] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 505] <... mount resumed>) = 0 [pid 534] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 534] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 534] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 534] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 534] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[535]}, 88) = 535 [pid 534] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 534] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 535 attached [pid 505] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 535] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 505] <... openat resumed>) = 3 [pid 535] rt_sigprocmask(SIG_SETMASK, [], [pid 505] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 535] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 535] memfd_create("syzkaller", 0) = 3 [pid 535] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 505] <... openat resumed>) = 4 [ 46.069458][ T505] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 505] ioctl(4, LOOP_CLR_FD) = 0 [pid 505] close(4) = 0 [pid 505] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 503] <... futex resumed>) = 0 [pid 505] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 503] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 505] <... futex resumed>) = 0 [pid 503] <... futex resumed>) = 1 [pid 505] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 503] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 505] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 503] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 505] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 503] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 505] <... futex resumed>) = 0 [pid 503] <... futex resumed>) = 1 [pid 505] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 503] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 505] <... fsconfig resumed>) = 0 [pid 505] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 503] <... futex resumed>) = 0 [pid 505] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 503] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 505] <... futex resumed>) = 0 [pid 503] <... futex resumed>) = 1 [pid 505] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 503] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 505] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 503] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 505] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 503] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 505] <... futex resumed>) = 0 [pid 503] <... futex resumed>) = 1 [pid 505] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 503] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 505] <... ioctl resumed>) = 0 [pid 505] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 503] <... futex resumed>) = 0 [pid 505] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 503] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 505] <... futex resumed>) = 0 [pid 503] <... futex resumed>) = 1 [pid 505] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 503] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 505] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 503] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 505] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 503] exit_group(0 [pid 505] <... futex resumed>) = ? [pid 503] <... exit_group resumed>) = ? [pid 505] +++ exited with 0 +++ [pid 503] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=503, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./5/binderfs") = 0 [pid 309] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 526] <... write resumed>) = 20699119 [pid 526] munmap(0x7f5376fec000, 138412032) = 0 [pid 526] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./5/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./5") = 0 [pid 310] mkdir("./6", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 535] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 526] <... openat resumed>) = 4 [pid 310] <... openat resumed>) = 3 [pid 526] ioctl(4, LOOP_SET_FD, 3 [pid 310] ioctl(3, LOOP_CLR_FD [pid 311] <... umount2 resumed>) = 0 [pid 526] <... ioctl resumed>) = 0 [pid 311] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 526] close(3 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 526] <... close resumed>) = 0 [pid 311] newfstatat(AT_FDCWD, "./5/file0", [pid 526] close(4 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 526] <... close resumed>) = 0 [pid 311] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 526] mkdir("./file0", 0777 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] close(3 [pid 526] <... mkdir resumed>) = 0 [pid 311] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] <... close resumed>) = 0 [pid 526] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] <... openat resumed>) = 4 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 539 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./5/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./5"./strace-static-x86_64: Process 539 attached ) = 0 [pid 311] mkdir("./6", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 539] set_robust_list(0x55555b716760, 24 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 540 [pid 539] <... set_robust_list resumed>) = 0 [pid 539] chdir("./6") = 0 [pid 539] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 539] setpgid(0, 0) = 0 [pid 539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 539] write(3, "1000", 4) = 4 [pid 539] close(3) = 0 [pid 539] symlink("/dev/binderfs", "./binderfs") = 0 [pid 539] write(1, "executing program\n", 18) = 18 [pid 539] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 539] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 539] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 539] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 539] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 539] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 539] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[543]}, 88) = 543 [pid 539] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 539] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 539] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 540 attached [pid 540] set_robust_list(0x55555b716760, 24) = 0 [pid 540] chdir("./6") = 0 [pid 540] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 540] setpgid(0, 0) = 0 [pid 540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 540] write(3, "1000", 4) = 4 [pid 540] close(3) = 0 ./strace-static-x86_64: Process 543 attached [pid 543] set_robust_list(0x7f537f40c9a0, 24 [pid 540] symlink("/dev/binderfs", "./binderfs" [pid 543] <... set_robust_list resumed>) = 0 [pid 540] <... symlink resumed>) = 0 [pid 543] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 543] memfd_create("syzkaller", 0) = 3 [pid 540] write(1, "executing program\n", 18executing program ) = 18 [pid 543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 540] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 540] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 540] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 540] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 540] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 540] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 540] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[544]}, 88) = 544 [pid 540] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 540] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 540] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 544 attached [pid 544] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 544] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 544] memfd_create("syzkaller", 0) = 3 [pid 544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 46.227009][ T526] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 46.260222][ T526] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 526] <... mount resumed>) = 0 [pid 526] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 526] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 526] ioctl(4, LOOP_CLR_FD) = 0 [pid 526] close(4) = 0 [pid 526] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 525] <... futex resumed>) = 0 [pid 526] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 525] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 526] <... futex resumed>) = 0 [pid 525] <... futex resumed>) = 1 [pid 526] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 525] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 526] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 525] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 526] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 525] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 526] <... futex resumed>) = 0 [pid 525] <... futex resumed>) = 1 [pid 526] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 525] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 526] <... fsconfig resumed>) = 0 [pid 526] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 526] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 525] <... futex resumed>) = 0 [pid 525] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 526] <... futex resumed>) = 0 [pid 525] <... futex resumed>) = 1 [pid 526] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 525] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 526] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 525] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 526] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 525] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 526] <... futex resumed>) = 0 [pid 525] <... futex resumed>) = 1 [pid 526] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 525] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 526] <... ioctl resumed>) = 0 [pid 526] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 525] <... futex resumed>) = 0 [pid 526] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 525] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 526] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 525] <... futex resumed>) = 0 [pid 526] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 525] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 526] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 525] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 525] exit_group(0) = ? [pid 526] <... futex resumed>) = ? [pid 526] +++ exited with 0 +++ [pid 525] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=525, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./6/binderfs") = 0 [ 46.302476][ T526] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 46.310138][ T526] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 46.316848][ T526] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 46.323563][ T526] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 308] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 543] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 535] <... write resumed>) = 20699119 [pid 309] umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./5/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./5") = 0 [pid 309] mkdir("./6", 0777 [pid 535] munmap(0x7f5376fec000, 138412032 [pid 309] <... mkdir resumed>) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 535] <... munmap resumed>) = 0 [pid 535] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 309] <... openat resumed>) = 3 [pid 535] ioctl(4, LOOP_SET_FD, 3 [pid 309] ioctl(3, LOOP_CLR_FD [pid 535] <... ioctl resumed>) = 0 [pid 535] close(3) = 0 [pid 535] close(4 [pid 543] <... write resumed>) = 20699119 [pid 543] munmap(0x7f5376fec000, 138412032) = 0 [pid 543] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 544] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 535] <... close resumed>) = 0 [pid 309] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 535] mkdir("./file0", 0777 [pid 543] <... openat resumed>) = 4 [pid 535] <... mkdir resumed>) = 0 [pid 309] close(3 [pid 535] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 543] ioctl(4, LOOP_SET_FD, 3 [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 549 ./strace-static-x86_64: Process 549 attached [pid 549] set_robust_list(0x55555b716760, 24) = 0 [pid 549] chdir("./6") = 0 [pid 549] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 549] setpgid(0, 0) = 0 [pid 549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 543] <... ioctl resumed>) = 0 [pid 543] close(3) = 0 [pid 543] close(4 [pid 549] <... openat resumed>) = 3 [pid 549] write(3, "1000", 4 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./6/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./6" [pid 549] <... write resumed>) = 4 [pid 308] <... rmdir resumed>) = 0 [pid 308] mkdir("./7", 0777 [pid 549] close(3 [pid 308] <... mkdir resumed>) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 549] <... close resumed>) = 0 executing program [pid 549] symlink("/dev/binderfs", "./binderfs") = 0 [pid 549] write(1, "executing program\n", 18) = 18 [pid 549] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 549] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 549] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 549] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 549] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 549] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 549] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[552]}, 88) = 552 [pid 549] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 549] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 549] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 552 attached [pid 552] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 552] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 552] memfd_create("syzkaller", 0) = 3 [pid 552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 543] <... close resumed>) = 0 [pid 543] mkdir("./file0", 0777 [pid 308] <... openat resumed>) = 3 [ 46.505866][ T535] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 46.537939][ T535] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 543] <... mkdir resumed>) = 0 [pid 308] ioctl(3, LOOP_CLR_FD [pid 543] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 308] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 553 ./strace-static-x86_64: Process 553 attached [pid 553] set_robust_list(0x55555b716760, 24) = 0 [pid 553] chdir("./7") = 0 [pid 553] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 553] setpgid(0, 0 [pid 544] <... write resumed>) = 20699119 [pid 553] <... setpgid resumed>) = 0 [pid 553] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 544] munmap(0x7f5376fec000, 138412032 [pid 553] <... openat resumed>) = 3 [pid 553] write(3, "1000", 4) = 4 [pid 553] close(3) = 0 [pid 553] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 553] write(1, "executing program\n", 18) = 18 [pid 553] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 544] <... munmap resumed>) = 0 [pid 553] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 544] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 553] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 544] <... openat resumed>) = 4 [pid 553] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 544] ioctl(4, LOOP_SET_FD, 3 [pid 553] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 553] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 553] rt_sigprocmask(SIG_BLOCK, ~[], [pid 544] <... ioctl resumed>) = 0 [pid 553] <... rt_sigprocmask resumed>[], 8) = 0 [pid 544] close(3 [pid 553] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 544] <... close resumed>) = 0 [pid 544] close(4 [pid 553] <... clone3 resumed> => {parent_tid=[555]}, 88) = 555 [pid 553] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 553] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 553] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 555 attached [pid 555] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 555] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 555] memfd_create("syzkaller", 0) = 3 [pid 555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 46.594512][ T543] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 552] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 544] <... close resumed>) = 0 [pid 544] mkdir("./file0", 0777) = 0 [ 46.646717][ T543] F2FS-fs (loop3): Found nat_bits in checkpoint [ 46.681452][ T535] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 46.688749][ T535] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 46.696782][ T544] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 46.736807][ T544] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 544] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 552] <... write resumed>) = 20699119 [pid 552] munmap(0x7f5376fec000, 138412032) = 0 [pid 552] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 552] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 552] close(3) = 0 [pid 552] close(4) = 0 [pid 552] mkdir("./file0", 0777) = 0 [ 46.755146][ T535] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 46.770439][ T543] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 46.777374][ T543] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 46.784323][ T543] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 46.791278][ T535] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 552] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 543] <... mount resumed>) = 0 [pid 535] <... mount resumed>) = 0 [pid 535] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 535] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 535] ioctl(4, LOOP_CLR_FD) = 0 [pid 535] close(4 [pid 543] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 543] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 543] ioctl(4, LOOP_CLR_FD) = 0 [pid 543] close(4) = 0 [pid 543] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 539] <... futex resumed>) = 0 [pid 543] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 539] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 543] <... futex resumed>) = 0 [pid 539] <... futex resumed>) = 1 [pid 543] fspick(AT_FDCWD, "./file0", 0 [pid 539] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 543] <... fspick resumed>) = 4 [pid 543] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 539] <... futex resumed>) = 0 [pid 543] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 539] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 543] <... futex resumed>) = 0 [pid 539] <... futex resumed>) = 1 [pid 543] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 539] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 535] <... close resumed>) = 0 [pid 535] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 0 [pid 534] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 535] <... futex resumed>) = 1 [pid 535] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 535] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 0 [pid 534] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 535] <... futex resumed>) = 1 [pid 535] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 535] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 0 [pid 534] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 535] <... futex resumed>) = 1 [ 46.791817][ T543] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 46.808030][ T552] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 535] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 535] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 0 [pid 534] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 535] <... futex resumed>) = 1 [pid 535] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 535] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 0 [pid 534] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 535] <... futex resumed>) = 1 [pid 535] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 535] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 0 [pid 534] exit_group(0) = ? [pid 535] <... futex resumed>) = ? [pid 535] +++ exited with 0 +++ [pid 534] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=534, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 543] <... fsconfig resumed>) = 0 [pid 543] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 539] <... futex resumed>) = 0 [pid 543] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 539] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 543] <... futex resumed>) = 0 [pid 539] <... futex resumed>) = 1 [pid 543] openat(AT_FDCWD, "./file0", O_RDONLY [pid 539] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 543] <... openat resumed>) = 5 [pid 543] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 539] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 543] <... futex resumed>) = 0 [pid 543] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 539] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 543] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 543] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 539] <... futex resumed>) = 0 [pid 539] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 543] <... ioctl resumed>) = 0 [pid 543] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 539] <... futex resumed>) = 0 [pid 543] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 539] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 543] <... prlimit64 resumed>NULL) = 0 [pid 539] <... futex resumed>) = 0 [pid 539] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 543] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 539] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 543] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 539] exit_group(0) = ? [pid 543] <... futex resumed>) = ? [pid 543] +++ exited with 0 +++ [pid 539] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=539, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] <... restart_syscall resumed>) = 0 [pid 310] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 307] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] <... openat resumed>) = 3 [pid 307] <... openat resumed>) = 3 [pid 310] newfstatat(3, "", [pid 307] newfstatat(3, "", [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, [pid 307] getdents64(3, [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./6/binderfs", [pid 307] newfstatat(AT_FDCWD, "./6/binderfs", [pid 310] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./6/binderfs" [pid 307] unlink("./6/binderfs" [pid 310] <... unlink resumed>) = 0 [pid 307] <... unlink resumed>) = 0 [pid 310] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 46.846640][ T552] F2FS-fs (loop2): Found nat_bits in checkpoint [ 46.873194][ T544] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 46.882982][ T544] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [pid 307] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 544] <... mount resumed>) = 0 [pid 544] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 46.890536][ T544] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 46.897589][ T544] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 544] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 555] <... write resumed>) = 20699119 [pid 555] munmap(0x7f5376fec000, 138412032) = 0 [pid 544] <... openat resumed>) = 4 [pid 310] <... umount2 resumed>) = 0 [pid 555] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 544] ioctl(4, LOOP_CLR_FD [pid 310] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 552] <... mount resumed>) = 0 [pid 555] <... openat resumed>) = 4 [pid 544] <... ioctl resumed>) = 0 [pid 555] ioctl(4, LOOP_SET_FD, 3 [pid 552] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 544] close(4 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 552] <... openat resumed>) = 3 [pid 310] newfstatat(AT_FDCWD, "./6/file0", [pid 552] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4 [pid 555] <... ioctl resumed>) = 0 [pid 544] <... close resumed>) = 0 [pid 555] close(3 [pid 552] <... openat resumed>) = 4 [pid 544] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... close resumed>) = 0 [pid 555] <... close resumed>) = 0 [pid 552] ioctl(4, LOOP_CLR_FD [pid 544] <... futex resumed>) = 1 [pid 310] rmdir("./6/file0" [pid 555] close(4 [pid 552] <... ioctl resumed>) = 0 [pid 544] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 552] close(4 [pid 540] <... futex resumed>) = 0 [pid 310] <... rmdir resumed>) = 0 [pid 540] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] getdents64(3, [pid 544] <... futex resumed>) = 0 [pid 540] <... futex resumed>) = 1 [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 544] fspick(AT_FDCWD, "./file0", 0 [pid 540] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... fspick resumed>) = 4 [pid 310] close(3 [pid 544] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... close resumed>) = 0 [pid 544] <... futex resumed>) = 1 [pid 540] <... futex resumed>) = 0 [pid 310] rmdir("./6" [pid 544] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 540] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 540] <... futex resumed>) = 0 [pid 310] <... rmdir resumed>) = 0 [pid 544] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 540] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] mkdir("./7", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 544] <... fsconfig resumed>) = 0 [pid 544] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 544] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 540] <... futex resumed>) = 0 [pid 540] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = 0 [pid 540] <... futex resumed>) = 1 [pid 544] openat(AT_FDCWD, "./file0", O_RDONLY [pid 540] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... openat resumed>) = 5 [pid 544] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 540] <... futex resumed>) = 0 [pid 544] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 540] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 540] <... futex resumed>) = 0 [pid 544] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 540] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... ioctl resumed>) = 0 [pid 544] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 540] <... futex resumed>) = 0 [pid 544] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 540] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 540] <... futex resumed>) = 0 [pid 544] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 540] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... prlimit64 resumed>NULL) = 0 [pid 544] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 540] <... futex resumed>) = 0 [pid 544] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 540] exit_group(0 [pid 544] <... futex resumed>) = ? [pid 540] <... exit_group resumed>) = ? [pid 544] +++ exited with 0 +++ [pid 540] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=540, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 311] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./6/binderfs") = 0 [pid 311] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... umount2 resumed>) = 0 [pid 555] <... close resumed>) = 0 [pid 552] <... close resumed>) = 0 [pid 310] <... openat resumed>) = 3 [pid 307] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 46.962123][ T552] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 46.972041][ T552] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 46.990855][ T552] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 46.998065][ T552] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 555] mkdir("./file0", 0777 [pid 552] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] ioctl(3, LOOP_CLR_FD [pid 555] <... mkdir resumed>) = 0 [pid 552] <... futex resumed>) = 1 [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 555] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 552] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] close(3 [pid 549] <... futex resumed>) = 0 [pid 549] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 549] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 552] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] <... close resumed>) = 0 [pid 552] fspick(AT_FDCWD, "./file0", 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 552] <... fspick resumed>) = 4 [pid 552] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 573 [pid 307] newfstatat(AT_FDCWD, "./6/file0", [pid 552] <... futex resumed>) = 1 [pid 552] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 549] <... futex resumed>) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 549] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 552] <... futex resumed>) = 0 [pid 549] <... futex resumed>) = 1 [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 552] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 549] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./6/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./6") = 0 [pid 307] mkdir("./7", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 573 attached [pid 552] <... fsconfig resumed>) = 0 [pid 573] set_robust_list(0x55555b716760, 24 [pid 552] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 573] <... set_robust_list resumed>) = 0 [pid 573] chdir("./7") = 0 [pid 573] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 573] setpgid(0, 0) = 0 [pid 573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 573] write(3, "1000", 4) = 4 [pid 573] close(3) = 0 [pid 573] symlink("/dev/binderfs", "./binderfs") = 0 [pid 573] write(1, "executing program\n", 18executing program ) = 18 [pid 552] <... futex resumed>) = 1 [pid 549] <... futex resumed>) = 0 [pid 552] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 549] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 552] <... futex resumed>) = 0 [pid 549] <... futex resumed>) = 1 [pid 552] openat(AT_FDCWD, "./file0", O_RDONLY [pid 549] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 552] <... openat resumed>) = 5 [pid 552] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 549] <... futex resumed>) = 0 [pid 552] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 549] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 549] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 552] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 573] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 552] <... ioctl resumed>) = 0 [pid 552] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 549] <... futex resumed>) = 0 [pid 552] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 549] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 552] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 549] <... futex resumed>) = 0 [pid 552] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 549] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 552] <... prlimit64 resumed>NULL) = 0 [pid 552] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 549] <... futex resumed>) = 0 [pid 552] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 549] exit_group(0) = ? [pid 552] <... futex resumed>) = ? [pid 573] <... futex resumed>) = 0 [pid 573] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 552] +++ exited with 0 +++ [pid 549] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=549, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 573] <... rt_sigaction resumed>NULL, 8) = 0 [pid 573] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 573] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 573] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 573] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 573] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[576]}, 88) = 576 [pid 573] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 573] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 573] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 576 attached [pid 576] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 576] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 576] memfd_create("syzkaller", 0) = 3 [pid 576] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... restart_syscall resumed>) = 0 [pid 309] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./6/binderfs") = 0 [ 47.045454][ T555] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 47.063403][ T555] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 309] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... openat resumed>) = 3 [ 47.106664][ T555] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 47.127582][ T555] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 47.139366][ T555] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 577 [pid 311] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 577 attached [pid 311] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 577] set_robust_list(0x55555b716760, 24 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 577] <... set_robust_list resumed>) = 0 [pid 311] newfstatat(AT_FDCWD, "./6/file0", [pid 577] chdir("./7" [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 577] <... chdir resumed>) = 0 [pid 311] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 577] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 577] setpgid(0, 0 [pid 311] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 577] <... setpgid resumed>) = 0 [pid 577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 311] <... openat resumed>) = 4 [pid 577] <... openat resumed>) = 3 [pid 311] newfstatat(4, "", [pid 577] write(3, "1000", 4 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 577] <... write resumed>) = 4 [pid 311] getdents64(4, [pid 577] close(3) = 0 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 577] symlink("/dev/binderfs", "./binderfs" [pid 311] getdents64(4, executing program [pid 577] <... symlink resumed>) = 0 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 577] write(1, "executing program\n", 18 [pid 311] close(4 [pid 577] <... write resumed>) = 18 [pid 311] <... close resumed>) = 0 [pid 577] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] rmdir("./6/file0" [pid 577] <... futex resumed>) = 0 [pid 555] <... mount resumed>) = 0 [pid 311] <... rmdir resumed>) = 0 [pid 577] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 311] getdents64(3, [pid 577] <... rt_sigaction resumed>NULL, 8) = 0 [pid 577] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 311] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 577] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 311] close(3 [pid 577] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 311] <... close resumed>) = 0 [pid 577] <... mmap resumed>) = 0x7f537f3ec000 [pid 311] rmdir("./6" [pid 577] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 555] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 577] <... mprotect resumed>) = 0 [pid 311] <... rmdir resumed>) = 0 [pid 577] rt_sigprocmask(SIG_BLOCK, ~[], [pid 311] mkdir("./7", 0777 [pid 577] <... rt_sigprocmask resumed>[], 8) = 0 [pid 555] <... openat resumed>) = 3 [pid 577] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 311] <... mkdir resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 577] <... clone3 resumed> => {parent_tid=[578]}, 88) = 578 [pid 311] <... openat resumed>) = 3 [pid 577] rt_sigprocmask(SIG_SETMASK, [], [pid 311] ioctl(3, LOOP_CLR_FD [pid 577] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 577] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] close(3 [pid 577] <... futex resumed>) = 0 [pid 577] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 311] <... close resumed>) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 579 [pid 555] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 555] ioctl(4, LOOP_CLR_FD) = 0 [pid 555] close(4) = 0 [pid 576] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 555] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 553] <... futex resumed>) = 0 [pid 553] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 553] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 555] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 553] <... futex resumed>) = 0 [pid 553] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 553] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0./strace-static-x86_64: Process 578 attached ./strace-static-x86_64: Process 579 attached [pid 578] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 579] set_robust_list(0x55555b716760, 24 [pid 578] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 578] memfd_create("syzkaller", 0 [pid 579] <... set_robust_list resumed>) = 0 [pid 579] chdir("./7") = 0 [pid 578] <... memfd_create resumed>) = 3 [pid 579] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 579] setpgid(0, 0 [pid 578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 579] <... setpgid resumed>) = 0 [pid 579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 579] write(3, "1000", 4) = 4 [pid 579] close(3) = 0 [ 47.156760][ T555] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 579] symlink("/dev/binderfs", "./binderfs") = 0 [pid 555] <... fsconfig resumed>) = 0 [pid 555] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 553] <... futex resumed>) = 0 [pid 555] openat(AT_FDCWD, "./file0", O_RDONLY [pid 553] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 555] <... openat resumed>) = 5 [pid 553] <... futex resumed>) = 0 [pid 555] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 553] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] <... futex resumed>) = 0 [pid 553] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 555] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 553] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 553] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] <... ioctl resumed>) = 0 [pid 555] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 553] <... futex resumed>) = 0 [pid 553] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 555] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 553] <... futex resumed>) = 0 [pid 555] <... prlimit64 resumed>NULL) = 0 [pid 553] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 553] <... futex resumed>) = 0 [pid 555] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 553] exit_group(0 [pid 555] <... futex resumed>) = ? [pid 553] <... exit_group resumed>) = ? [pid 555] +++ exited with 0 +++ [pid 579] write(1, "executing program\n", 18executing program ) = 18 [pid 553] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=553, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 579] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 579] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 579] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 308] <... restart_syscall resumed>) = 0 [pid 308] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./7/binderfs") = 0 [pid 308] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 579] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 579] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 579] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 579] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[582]}, 88) = 582 [pid 579] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 579] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 579] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 582 attached [pid 582] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 582] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 582] memfd_create("syzkaller", 0) = 3 [pid 582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./6/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./6") = 0 [pid 309] mkdir("./7", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 583 ./strace-static-x86_64: Process 583 attached [pid 583] set_robust_list(0x55555b716760, 24) = 0 [pid 583] chdir("./7") = 0 [pid 583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 583] setpgid(0, 0) = 0 [pid 583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 583] write(3, "1000", 4) = 4 [pid 583] close(3) = 0 [pid 583] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 583] write(1, "executing program\n", 18) = 18 [pid 583] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 583] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 583] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 583] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 583] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 583] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 583] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[584]}, 88) = 584 [pid 583] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 583] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 583] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 584 attached [pid 584] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 584] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 584] memfd_create("syzkaller", 0) = 3 [pid 584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 576] <... write resumed>) = 20699119 [pid 576] munmap(0x7f5376fec000, 138412032) = 0 [pid 576] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 576] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 576] close(3) = 0 [pid 576] close(4 [pid 578] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 576] <... close resumed>) = 0 [pid 576] mkdir("./file0", 0777) = 0 [pid 576] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./7/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./7") = 0 [pid 308] mkdir("./8", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [ 47.396859][ T576] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 588 [pid 578] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 588 attached [pid 588] set_robust_list(0x55555b716760, 24 [pid 578] munmap(0x7f5376fec000, 138412032 [pid 588] <... set_robust_list resumed>) = 0 [pid 578] <... munmap resumed>) = 0 [pid 588] chdir("./8" [pid 578] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 588] <... chdir resumed>) = 0 [pid 588] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 578] <... openat resumed>) = 4 [pid 588] <... prctl resumed>) = 0 [pid 578] ioctl(4, LOOP_SET_FD, 3 [pid 588] setpgid(0, 0) = 0 [pid 588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 588] write(3, "1000", 4) = 4 [pid 588] close(3) = 0 [pid 588] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 588] write(1, "executing program\n", 18) = 18 [pid 588] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 578] <... ioctl resumed>) = 0 [pid 588] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 578] close(3 [pid 588] <... rt_sigaction resumed>NULL, 8) = 0 [pid 578] <... close resumed>) = 0 [pid 588] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 578] close(4 [pid 588] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 588] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 588] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 588] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 588] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[590]}, 88) = 590 [pid 588] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 588] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 590 attached [pid 590] set_robust_list(0x7f537f40c9a0, 24 [pid 582] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 590] <... set_robust_list resumed>) = 0 [pid 590] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 590] memfd_create("syzkaller", 0) = 3 [pid 590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 578] <... close resumed>) = 0 [pid 578] mkdir("./file0", 0777) = 0 [ 47.451392][ T576] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 578] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 582] <... write resumed>) = 20699119 [pid 582] munmap(0x7f5376fec000, 138412032) = 0 [pid 582] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 582] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 582] close(3) = 0 [pid 582] close(4) = 0 [pid 582] mkdir("./file0", 0777) = 0 [pid 582] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 47.554487][ T578] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 47.574041][ T576] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 47.581425][ T576] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 47.589691][ T582] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 584] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 576] <... mount resumed>) = 0 [pid 576] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 576] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 576] ioctl(4, LOOP_CLR_FD) = 0 [pid 576] close(4 [pid 590] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 576] <... close resumed>) = 0 [pid 576] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 573] <... futex resumed>) = 0 [pid 573] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 573] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 576] <... futex resumed>) = 1 [pid 576] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 576] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 573] <... futex resumed>) = 0 [pid 573] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 573] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 576] <... futex resumed>) = 1 [ 47.593674][ T576] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 47.607923][ T578] F2FS-fs (loop0): Found nat_bits in checkpoint [ 47.629066][ T576] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 47.629167][ T582] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 576] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 576] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 573] <... futex resumed>) = 0 [pid 573] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 573] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 576] <... futex resumed>) = 1 [pid 576] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 576] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 573] <... futex resumed>) = 0 [pid 573] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 573] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 576] <... futex resumed>) = 1 [pid 576] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 576] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 573] <... futex resumed>) = 0 [pid 573] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 573] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 576] <... futex resumed>) = 1 [pid 576] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 576] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 573] <... futex resumed>) = 0 [pid 573] exit_group(0) = ? [pid 576] <... futex resumed>) = ? [pid 576] +++ exited with 0 +++ [pid 573] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=573, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./7/binderfs") = 0 [pid 310] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 582] <... mount resumed>) = 0 [pid 582] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 582] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 582] ioctl(4, LOOP_CLR_FD) = 0 [pid 582] close(4) = 0 [pid 582] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 579] <... futex resumed>) = 0 [pid 582] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 579] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] <... futex resumed>) = 0 [pid 579] <... futex resumed>) = 1 [pid 582] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 579] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 582] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 579] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 582] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 579] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] <... futex resumed>) = 0 [pid 579] <... futex resumed>) = 1 [pid 582] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 579] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 582] <... fsconfig resumed>) = 0 [pid 582] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 582] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 579] <... futex resumed>) = 0 [pid 579] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] <... futex resumed>) = 0 [pid 579] <... futex resumed>) = 1 [pid 582] openat(AT_FDCWD, "./file0", O_RDONLY [pid 579] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 582] <... openat resumed>) = 5 [pid 582] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 579] <... futex resumed>) = 0 [pid 582] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 579] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 579] <... futex resumed>) = 0 [pid 582] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 579] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 582] <... ioctl resumed>) = 0 [pid 582] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 579] <... futex resumed>) = 0 [pid 582] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 579] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 579] <... futex resumed>) = 0 [pid 582] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 579] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 582] <... prlimit64 resumed>NULL) = 0 [pid 582] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 579] <... futex resumed>) = 0 [pid 582] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 579] exit_group(0 [pid 582] <... futex resumed>) = ? [pid 579] <... exit_group resumed>) = ? [pid 582] +++ exited with 0 +++ [pid 579] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=579, si_uid=0, si_status=0, si_utime=8, si_stime=18} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./7/binderfs") = 0 [ 47.742492][ T582] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 47.750097][ T582] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 47.757352][ T582] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 47.758152][ T578] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 47.764670][ T582] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 311] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./7/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./7") = 0 [pid 310] mkdir("./8", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 600 ./strace-static-x86_64: Process 600 attached [pid 600] set_robust_list(0x55555b716760, 24 [pid 578] <... mount resumed>) = 0 [pid 600] <... set_robust_list resumed>) = 0 [pid 578] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 600] chdir("./8" [pid 578] <... openat resumed>) = 3 [pid 600] <... chdir resumed>) = 0 [pid 578] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 578] <... openat resumed>) = 4 [pid 600] setpgid(0, 0) = 0 [pid 578] ioctl(4, LOOP_CLR_FD [pid 600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 578] <... ioctl resumed>) = 0 [pid 600] <... openat resumed>) = 3 [pid 578] close(4 [pid 600] write(3, "1000", 4 [pid 578] <... close resumed>) = 0 [pid 600] <... write resumed>) = 4 [pid 578] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 600] close(3 [pid 578] <... futex resumed>) = 1 [pid 577] <... futex resumed>) = 0 [pid 600] <... close resumed>) = 0 [pid 578] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 600] symlink("/dev/binderfs", "./binderfs" [pid 577] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 578] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 47.825448][ T578] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 47.853138][ T578] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 47.861285][ T578] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 executing program [pid 600] <... symlink resumed>) = 0 [pid 578] fspick(AT_FDCWD, "./file0", 0 [pid 577] <... futex resumed>) = 0 [pid 600] write(1, "executing program\n", 18 [pid 578] <... fspick resumed>) = 4 [pid 577] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 600] <... write resumed>) = 18 [pid 578] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 577] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 600] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 578] <... futex resumed>) = 0 [pid 577] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 600] <... futex resumed>) = 0 [pid 578] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 577] <... futex resumed>) = 0 [pid 600] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 577] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 600] <... rt_sigaction resumed>NULL, 8) = 0 [pid 600] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 600] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 600] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 600] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 600] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[603]}, 88) = 603 [pid 600] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 600] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 600] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 603 attached [pid 578] <... fsconfig resumed>) = 0 [pid 578] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 577] <... futex resumed>) = 0 [pid 578] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 577] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 578] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 577] <... futex resumed>) = 0 [pid 578] openat(AT_FDCWD, "./file0", O_RDONLY [pid 577] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 578] <... openat resumed>) = 5 [pid 578] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 577] <... futex resumed>) = 0 [pid 578] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 577] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 578] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 577] <... futex resumed>) = 0 [pid 578] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 577] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 603] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 578] <... ioctl resumed>) = 0 [pid 578] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 577] <... futex resumed>) = 0 [pid 578] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 577] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 578] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 577] <... futex resumed>) = 0 [pid 578] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 577] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 578] <... prlimit64 resumed>NULL) = 0 [pid 578] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 577] <... futex resumed>) = 0 [pid 578] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 577] exit_group(0 [pid 578] <... futex resumed>) = ? [pid 577] <... exit_group resumed>) = ? [pid 578] +++ exited with 0 +++ [pid 603] rt_sigprocmask(SIG_SETMASK, [], [pid 577] +++ exited with 0 +++ [pid 603] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=577, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 603] memfd_create("syzkaller", 0) = 3 [pid 603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] <... restart_syscall resumed>) = 0 [pid 311] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] newfstatat(4, "", [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] <... openat resumed>) = 3 [pid 584] <... write resumed>) = 20699119 [pid 311] getdents64(4, [pid 307] newfstatat(3, "", [pid 584] munmap(0x7f5376fec000, 138412032 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] close(4 [pid 307] getdents64(3, [pid 311] <... close resumed>) = 0 [pid 307] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] rmdir("./7/file0" [pid 307] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] <... rmdir resumed>) = 0 [pid 307] newfstatat(AT_FDCWD, "./7/binderfs", [pid 311] getdents64(3, [pid 307] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] unlink("./7/binderfs" [pid 311] close(3) = 0 [pid 307] <... unlink resumed>) = 0 [pid 311] rmdir("./7" [pid 307] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] <... rmdir resumed>) = 0 [pid 311] mkdir("./8", 0777) = 0 [pid 590] <... write resumed>) = 20699119 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 590] munmap(0x7f5376fec000, 138412032 [pid 584] <... munmap resumed>) = 0 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 604 [pid 584] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 590] <... munmap resumed>) = 0 [pid 590] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 604 attached [pid 604] set_robust_list(0x55555b716760, 24) = 0 [pid 604] chdir("./8") = 0 [pid 604] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 604] setpgid(0, 0) = 0 [pid 604] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 604] write(3, "1000", 4) = 4 [pid 604] close(3) = 0 [pid 604] symlink("/dev/binderfs", "./binderfs") = 0 [pid 604] write(1, "executing program\n", 18executing program ) = 18 [pid 604] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 604] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 604] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 604] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 604] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 604] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 604] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[605]}, 88) = 605 [pid 604] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 604] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 604] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 605 attached [pid 605] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 605] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 605] memfd_create("syzkaller", 0) = 3 [pid 605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 584] <... openat resumed>) = 4 [pid 584] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 590] <... openat resumed>) = 4 [pid 584] close(3 [pid 590] ioctl(4, LOOP_SET_FD, 3 [pid 584] <... close resumed>) = 0 [pid 584] close(4 [pid 590] <... ioctl resumed>) = 0 [pid 590] close(3 [pid 584] <... close resumed>) = 0 [pid 590] <... close resumed>) = 0 [pid 584] mkdir("./file0", 0777 [pid 590] close(4 [pid 584] <... mkdir resumed>) = 0 [pid 590] <... close resumed>) = 0 [pid 584] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 590] mkdir("./file0", 0777) = 0 [pid 590] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 603] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 605] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./7/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./7") = 0 [pid 307] mkdir("./8", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 611 ./strace-static-x86_64: Process 611 attached [pid 611] set_robust_list(0x55555b716760, 24) = 0 [pid 611] chdir("./8") = 0 [pid 611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 611] setpgid(0, 0) = 0 [pid 611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 611] write(3, "1000", 4) = 4 [pid 611] close(3) = 0 [pid 611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 611] write(1, "executing program\n", 18executing program ) = 18 [pid 611] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 611] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 611] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 611] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 611] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 611] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[613]}, 88) = 613 [pid 611] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 611] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 48.081546][ T590] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 48.090051][ T584] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 48.120451][ T584] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 611] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 613 attached [pid 613] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 613] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 613] memfd_create("syzkaller", 0) = 3 [pid 613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 48.153291][ T590] F2FS-fs (loop1): Found nat_bits in checkpoint [ 48.175111][ T584] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 48.195305][ T584] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [pid 603] <... write resumed>) = 20699119 [pid 603] munmap(0x7f5376fec000, 138412032) = 0 [pid 603] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 603] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 603] close(3) = 0 [pid 603] close(4) = 0 [pid 603] mkdir("./file0", 0777) = 0 [pid 603] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 584] <... mount resumed>) = 0 [ 48.202642][ T584] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 48.232212][ T584] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 48.245795][ T590] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [pid 584] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 584] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 584] ioctl(4, LOOP_CLR_FD) = 0 [pid 584] close(4) = 0 [pid 590] <... mount resumed>) = 0 [pid 584] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 584] <... futex resumed>) = 1 [pid 583] <... futex resumed>) = 0 [pid 590] <... openat resumed>) = 3 [pid 584] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 583] <... futex resumed>) = 0 [pid 590] <... openat resumed>) = 4 [pid 584] fspick(AT_FDCWD, "./file0", 0 [pid 583] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] ioctl(4, LOOP_CLR_FD [pid 584] <... fspick resumed>) = 4 [pid 584] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... ioctl resumed>) = 0 [pid 590] close(4 [pid 584] <... futex resumed>) = 1 [pid 583] <... futex resumed>) = 0 [pid 584] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... close resumed>) = 0 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 583] <... futex resumed>) = 0 [pid 590] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 583] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 588] <... futex resumed>) = 0 [pid 590] fspick(AT_FDCWD, "./file0", 0 [pid 588] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 590] <... fspick resumed>) = 4 [pid 588] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 588] <... futex resumed>) = 0 [pid 590] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 588] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 605] <... write resumed>) = 20699119 [pid 605] munmap(0x7f5376fec000, 138412032) = 0 [pid 605] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 605] ioctl(4, LOOP_SET_FD, 3 [pid 584] <... fsconfig resumed>) = 0 [pid 590] <... fsconfig resumed>) = 0 [pid 590] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... futex resumed>) = 1 [pid 588] <... futex resumed>) = 0 [pid 584] <... futex resumed>) = 1 [pid 583] <... futex resumed>) = 0 [pid 590] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 588] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] openat(AT_FDCWD, "./file0", O_RDONLY [pid 588] <... futex resumed>) = 0 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 583] <... futex resumed>) = 0 [pid 605] <... ioctl resumed>) = 0 [pid 590] <... openat resumed>) = 5 [pid 588] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 584] openat(AT_FDCWD, "./file0", O_RDONLY [pid 583] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 605] close(3) = 0 [pid 605] close(4) = 0 [pid 590] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... openat resumed>) = 5 [pid 605] mkdir("./file0", 0777) = 0 [pid 590] <... futex resumed>) = 0 [pid 588] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 605] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 590] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 588] <... futex resumed>) = 0 [pid 584] <... futex resumed>) = 1 [pid 583] <... futex resumed>) = 0 [pid 588] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 584] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 583] <... futex resumed>) = 0 [pid 584] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 583] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... ioctl resumed>) = 0 [pid 584] <... ioctl resumed>) = 0 [pid 590] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... futex resumed>) = 1 [pid 588] <... futex resumed>) = 0 [pid 590] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 588] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = 1 [pid 583] <... futex resumed>) = 0 [ 48.253410][ T590] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 48.263900][ T590] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 48.264354][ T603] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 48.271190][ T590] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 590] <... prlimit64 resumed>NULL) = 0 [pid 588] <... futex resumed>) = 0 [pid 584] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 583] <... futex resumed>) = 0 [pid 584] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 590] <... futex resumed>) = 0 [pid 588] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 583] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 588] exit_group(0 [pid 584] <... prlimit64 resumed>NULL) = 0 [pid 590] <... futex resumed>) = ? [pid 588] <... exit_group resumed>) = ? [pid 584] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] +++ exited with 0 +++ [pid 588] +++ exited with 0 +++ [pid 584] <... futex resumed>) = 1 [pid 583] <... futex resumed>) = 0 [pid 583] exit_group(0 [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=588, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 583] <... exit_group resumed>) = ? [pid 584] exit_group(0) = ? [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 584] +++ exited with 0 +++ [pid 583] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=583, si_uid=0, si_status=0, si_utime=4, si_stime=19} --- [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 308] <... restart_syscall resumed>) = 0 [pid 309] <... restart_syscall resumed>) = 0 [pid 308] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 309] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... openat resumed>) = 3 [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(3, "", [pid 309] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] <... openat resumed>) = 3 [pid 308] getdents64(3, [pid 309] newfstatat(3, "", [pid 308] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] getdents64(3, [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./8/binderfs", [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./8/binderfs" [pid 309] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... unlink resumed>) = 0 [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./7/binderfs", [pid 308] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./7/binderfs") = 0 [pid 309] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 48.321661][ T603] F2FS-fs (loop3): Found nat_bits in checkpoint [ 48.330605][ T605] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 48.388260][ T605] F2FS-fs (loop4): Found nat_bits in checkpoint [ 48.398752][ T603] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [pid 613] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 605] <... mount resumed>) = 0 [pid 605] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 605] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 605] ioctl(4, LOOP_CLR_FD) = 0 [pid 605] close(4) = 0 [pid 605] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 604] <... futex resumed>) = 0 [pid 604] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 605] fspick(AT_FDCWD, "./file0", 0 [pid 604] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 605] <... fspick resumed>) = 4 [pid 605] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 604] <... futex resumed>) = 0 [pid 604] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 604] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 605] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 605] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 604] <... futex resumed>) = 0 [pid 604] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 604] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 605] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [ 48.429365][ T603] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 48.436519][ T605] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 48.443810][ T605] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 48.446808][ T603] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 48.450427][ T605] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 48.464397][ T605] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 605] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 604] <... futex resumed>) = 0 [pid 604] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 604] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 605] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 605] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 604] <... futex resumed>) = 0 [pid 604] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 604] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 605] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 605] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 604] <... futex resumed>) = 0 [pid 604] exit_group(0) = ? [pid 605] +++ exited with 0 +++ [pid 604] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=604, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./8/binderfs") = 0 [pid 311] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 613] <... write resumed>) = 20699119 [pid 613] munmap(0x7f5376fec000, 138412032 [pid 603] <... mount resumed>) = 0 [pid 613] <... munmap resumed>) = 0 [pid 603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 613] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 603] <... openat resumed>) = 3 [pid 603] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./8/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./8") = 0 [pid 308] mkdir("./9", 0777) = 0 [ 48.501088][ T603] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 613] <... openat resumed>) = 4 [pid 309] <... openat resumed>) = 4 [pid 613] ioctl(4, LOOP_SET_FD, 3 [pid 603] <... openat resumed>) = 4 [pid 309] newfstatat(4, "", [pid 308] <... openat resumed>) = 3 [pid 603] ioctl(4, LOOP_CLR_FD [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] ioctl(3, LOOP_CLR_FD [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./7/file0" [pid 613] <... ioctl resumed>) = 0 [pid 309] <... rmdir resumed>) = 0 [pid 308] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 309] getdents64(3, [pid 308] close(3 [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 613] close(3 [pid 603] <... ioctl resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 613] <... close resumed>) = 0 [pid 603] close(4 [pid 613] close(4 [pid 603] <... close resumed>) = 0 [pid 613] <... close resumed>) = 0 [pid 603] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] mkdir("./file0", 0777 [pid 603] <... futex resumed>) = 1 [pid 600] <... futex resumed>) = 0 [pid 613] <... mkdir resumed>) = 0 [pid 603] fspick(AT_FDCWD, "./file0", 0 [pid 600] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 603] <... fspick resumed>) = 4 [pid 600] <... futex resumed>) = 0 [pid 603] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 600] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 603] <... futex resumed>) = 0 [pid 600] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 603] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 600] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 600] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 309] close(3 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] <... close resumed>) = 0 [pid 309] rmdir("./7" [pid 308] <... clone resumed>, child_tidptr=0x55555b716750) = 629 [pid 309] <... rmdir resumed>) = 0 [pid 309] mkdir("./8", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 630 ./strace-static-x86_64: Process 630 attached ./strace-static-x86_64: Process 629 attached [pid 629] set_robust_list(0x55555b716760, 24 [pid 630] set_robust_list(0x55555b716760, 24) = 0 [pid 629] <... set_robust_list resumed>) = 0 [pid 629] chdir("./9" [pid 630] chdir("./8" [pid 629] <... chdir resumed>) = 0 [pid 629] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 630] <... chdir resumed>) = 0 [pid 629] <... prctl resumed>) = 0 [pid 630] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 629] setpgid(0, 0 [pid 630] <... prctl resumed>) = 0 [pid 629] <... setpgid resumed>) = 0 [pid 630] setpgid(0, 0) = 0 [pid 629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 629] write(3, "1000", 4 [pid 630] <... openat resumed>) = 3 [pid 629] <... write resumed>) = 4 [pid 629] close(3 [pid 630] write(3, "1000", 4) = 4 [pid 629] <... close resumed>) = 0 [pid 629] symlink("/dev/binderfs", "./binderfs" [pid 630] close(3) = 0 [pid 629] <... symlink resumed>) = 0 [pid 630] symlink("/dev/binderfs", "./binderfs" [pid 629] write(1, "executing program\n", 18executing program ) = 18 [pid 630] <... symlink resumed>) = 0 [pid 629] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000executing program ) = 0 [pid 629] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 603] <... fsconfig resumed>) = 0 [pid 630] write(1, "executing program\n", 18 [pid 629] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 630] <... write resumed>) = 18 [pid 603] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 629] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 630] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 603] <... futex resumed>) = 1 [pid 600] <... futex resumed>) = 0 [pid 629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 630] <... futex resumed>) = 0 [pid 600] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 603] openat(AT_FDCWD, "./file0", O_RDONLY [pid 630] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 629] <... mmap resumed>) = 0x7f537f3ec000 [pid 600] <... futex resumed>) = 0 [pid 603] <... openat resumed>) = 5 [pid 600] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... rt_sigaction resumed>NULL, 8) = 0 [pid 629] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 603] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 600] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 629] <... mprotect resumed>) = 0 [pid 600] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 603] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 600] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 629] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 630] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 629] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 603] <... ioctl resumed>) = 0 [pid 630] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 603] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... mmap resumed>) = 0x7f537f3ec000 [pid 629] <... clone3 resumed> => {parent_tid=[634]}, 88) = 634 [pid 603] <... futex resumed>) = 1 [pid 600] <... futex resumed>) = 0 [pid 630] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 629] rt_sigprocmask(SIG_SETMASK, [], [pid 603] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 600] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... mprotect resumed>) = 0 [pid 629] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 603] <... prlimit64 resumed>NULL) = 0 [pid 600] <... futex resumed>) = 0 [pid 630] rt_sigprocmask(SIG_BLOCK, ~[], [pid 629] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 603] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 600] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... rt_sigprocmask resumed>[], 8) = 0 [pid 629] <... futex resumed>) = 0 [pid 603] <... futex resumed>) = 0 [pid 600] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 629] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 603] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 600] exit_group(0 [pid 603] <... futex resumed>) = ? [pid 600] <... exit_group resumed>) = ? [pid 630] <... clone3 resumed> => {parent_tid=[635]}, 88) = 635 [pid 603] +++ exited with 0 +++ [pid 600] +++ exited with 0 +++ ./strace-static-x86_64: Process 634 attached [pid 634] set_robust_list(0x7f537f40c9a0, 24 [pid 630] rt_sigprocmask(SIG_SETMASK, [], [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=600, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 634] <... set_robust_list resumed>) = 0 [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 634] rt_sigprocmask(SIG_SETMASK, [], [pid 630] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 634] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 630] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 634] memfd_create("syzkaller", 0 [pid 630] <... futex resumed>) = 0 [pid 634] <... memfd_create resumed>) = 3 [pid 630] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 310] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 635 attached [pid 635] set_robust_list(0x7f537f40c9a0, 24 [pid 310] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./8/binderfs" [pid 635] <... set_robust_list resumed>) = 0 [pid 310] <... unlink resumed>) = 0 [pid 310] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 635] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 635] memfd_create("syzkaller", 0) = 3 [pid 635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 311] <... umount2 resumed>) = 0 [ 48.585966][ T613] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 48.612459][ T613] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 311] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./8/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./8") = 0 [pid 311] mkdir("./9", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 636 [pid 613] <... mount resumed>) = 0 [pid 613] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 613] ioctl(4, LOOP_CLR_FD) = 0 [pid 613] close(4) = 0 [pid 613] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 611] <... futex resumed>) = 0 [pid 613] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 611] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 611] <... futex resumed>) = 0 [pid 613] fspick(AT_FDCWD, "./file0", 0 [pid 611] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 613] <... fspick resumed>) = 4 [pid 613] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 611] <... futex resumed>) = 0 [pid 613] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 611] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 611] <... futex resumed>) = 0 [pid 613] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 611] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 636 attached [pid 636] set_robust_list(0x55555b716760, 24) = 0 [pid 636] chdir("./9") = 0 [pid 636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 636] setpgid(0, 0) = 0 [pid 636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 636] write(3, "1000", 4) = 4 [pid 636] close(3) = 0 [pid 636] symlink("/dev/binderfs", "./binderfs") = 0 [pid 636] write(1, "executing program\n", 18executing program ) = 18 [pid 636] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 636] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 636] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 636] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 636] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 636] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 636] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[639]}, 88) = 639 [pid 636] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 613] <... fsconfig resumed>) = 0 [pid 613] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 611] <... futex resumed>) = 0 [pid 613] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 611] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 611] <... futex resumed>) = 0 [pid 613] openat(AT_FDCWD, "./file0", O_RDONLY [pid 611] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 613] <... openat resumed>) = 5 [pid 613] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 611] <... futex resumed>) = 0 [pid 613] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 611] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 611] <... futex resumed>) = 0 [pid 613] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 611] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 636] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] <... ioctl resumed>) = 0 [pid 613] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 611] <... futex resumed>) = 0 [pid 613] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 611] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 611] <... futex resumed>) = 0 [pid 613] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 611] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 613] <... prlimit64 resumed>NULL) = 0 [pid 613] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 611] <... futex resumed>) = 0 [pid 613] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 611] exit_group(0 [pid 613] <... futex resumed>) = ? [pid 611] <... exit_group resumed>) = ? [pid 613] +++ exited with 0 +++ [pid 636] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 611] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=611, si_uid=0, si_status=0, si_utime=3, si_stime=15} --- [ 48.667699][ T613] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 48.674495][ T613] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 48.681889][ T613] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 48.688671][ T613] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./8/binderfs") = 0 [pid 307] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 639 attached [pid 639] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 639] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 639] memfd_create("syzkaller", 0) = 3 [pid 639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./8/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./8") = 0 [pid 310] mkdir("./9", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 640 ./strace-static-x86_64: Process 640 attached [pid 640] set_robust_list(0x55555b716760, 24) = 0 [pid 640] chdir("./9") = 0 [pid 640] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 640] setpgid(0, 0) = 0 [pid 640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 640] write(3, "1000", 4) = 4 [pid 640] close(3) = 0 [pid 640] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 640] write(1, "executing program\n", 18) = 18 [pid 640] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 640] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 640] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 640] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 640] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 640] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 640] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[641]}, 88) = 641 [pid 640] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 640] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 640] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 639] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 641 attached [pid 641] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 641] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 641] memfd_create("syzkaller", 0) = 3 [pid 641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 634] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./8/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./8") = 0 [pid 307] mkdir("./9", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 642 ./strace-static-x86_64: Process 642 attached [pid 642] set_robust_list(0x55555b716760, 24) = 0 [pid 642] chdir("./9") = 0 [pid 642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 642] setpgid(0, 0) = 0 [pid 642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 642] write(3, "1000", 4) = 4 [pid 642] close(3) = 0 [pid 642] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 642] write(1, "executing program\n", 18) = 18 [pid 642] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 642] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 642] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 642] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 642] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 642] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[643]}, 88) = 643 [pid 642] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 642] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 643 attached [pid 643] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 643] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 643] memfd_create("syzkaller", 0) = 3 [pid 643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 641] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 639] <... write resumed>) = 20699119 [pid 639] munmap(0x7f5376fec000, 138412032) = 0 [pid 639] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 639] ioctl(4, LOOP_SET_FD, 3 [pid 634] <... write resumed>) = 20699119 [pid 634] munmap(0x7f5376fec000, 138412032) = 0 [pid 639] <... ioctl resumed>) = 0 [pid 639] close(3) = 0 [pid 639] close(4) = 0 [pid 639] mkdir("./file0", 0777) = 0 [pid 639] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 635] <... write resumed>) = 20699119 [pid 635] munmap(0x7f5376fec000, 138412032) = 0 [pid 634] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 634] <... openat resumed>) = 4 [pid 634] ioctl(4, LOOP_SET_FD, 3 [pid 635] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 634] <... ioctl resumed>) = 0 [pid 634] close(3) = 0 [pid 634] close(4) = 0 [pid 634] mkdir("./file0", 0777) = 0 [pid 634] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 635] <... openat resumed>) = 4 [pid 635] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 635] close(3) = 0 [pid 635] close(4) = 0 [pid 635] mkdir("./file0", 0777) = 0 [pid 635] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 641] <... write resumed>) = 20699119 [pid 641] munmap(0x7f5376fec000, 138412032) = 0 [ 49.099563][ T639] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 49.139421][ T634] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 641] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 641] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 641] close(3) = 0 [pid 641] close(4) = 0 [pid 641] mkdir("./file0", 0777) = 0 [ 49.164043][ T634] F2FS-fs (loop1): Found nat_bits in checkpoint [ 49.171532][ T639] F2FS-fs (loop4): Found nat_bits in checkpoint [ 49.178867][ T635] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 641] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 643] <... write resumed>) = 20699119 [pid 643] munmap(0x7f5376fec000, 138412032) = 0 [pid 643] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 49.220130][ T635] F2FS-fs (loop2): Found nat_bits in checkpoint [ 49.242464][ T641] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 49.254229][ T639] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [pid 643] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 643] close(3) = 0 [pid 643] close(4) = 0 [pid 643] mkdir("./file0", 0777) = 0 [ 49.264325][ T634] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 49.269387][ T639] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 49.284494][ T643] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 49.288078][ T639] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 49.293556][ T634] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 49.306238][ T641] F2FS-fs (loop3): Found nat_bits in checkpoint [ 49.307052][ T634] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [pid 643] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 639] <... mount resumed>) = 0 [pid 639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 639] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 639] ioctl(4, LOOP_CLR_FD) = 0 [pid 639] close(4 [pid 634] <... mount resumed>) = 0 [ 49.313661][ T639] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 49.320275][ T634] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 49.335996][ T643] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 639] <... close resumed>) = 0 [pid 639] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 636] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 639] <... futex resumed>) = 1 [pid 639] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 639] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 636] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 639] <... futex resumed>) = 1 [pid 639] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 639] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 636] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 639] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 639] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 636] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 634] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 634] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 634] ioctl(4, LOOP_CLR_FD) = 0 [pid 634] close(4 [pid 639] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 639] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 636] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 639] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 639] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 636] exit_group(0) = ? [pid 639] +++ exited with 0 +++ [pid 636] +++ exited with 0 +++ [pid 634] <... close resumed>) = 0 [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=636, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 634] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 634] <... futex resumed>) = 1 [pid 629] <... futex resumed>) = 0 [pid 311] <... restart_syscall resumed>) = 0 [pid 634] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 629] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 629] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 634] <... futex resumed>) = 0 [pid 634] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 634] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 629] <... futex resumed>) = 0 [pid 634] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 629] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 629] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 49.371763][ T641] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 49.379029][ T641] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 49.387793][ T635] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 49.394994][ T635] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 49.402439][ T641] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 49.410033][ T635] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [pid 311] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 635] <... mount resumed>) = 0 [pid 635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./9/binderfs") = 0 [pid 311] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 634] <... fsconfig resumed>) = 0 [pid 634] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 629] <... futex resumed>) = 0 [pid 634] openat(AT_FDCWD, "./file0", O_RDONLY [pid 629] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 634] <... openat resumed>) = 5 [pid 629] <... futex resumed>) = 0 [pid 634] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 629] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 634] <... futex resumed>) = 0 [pid 629] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 634] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 629] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 629] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 635] <... openat resumed>) = 3 [pid 641] <... mount resumed>) = 0 [pid 635] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 635] <... openat resumed>) = 4 [pid 641] <... openat resumed>) = 3 [pid 635] ioctl(4, LOOP_CLR_FD [pid 641] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 635] <... ioctl resumed>) = 0 [pid 641] <... openat resumed>) = 4 [pid 635] close(4 [pid 641] ioctl(4, LOOP_CLR_FD [pid 635] <... close resumed>) = 0 [pid 641] <... ioctl resumed>) = 0 [pid 635] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 634] <... ioctl resumed>) = 0 [pid 634] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 629] <... futex resumed>) = 0 [pid 634] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 629] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 634] <... prlimit64 resumed>NULL) = 0 [pid 629] <... futex resumed>) = 0 [pid 634] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 629] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 634] <... futex resumed>) = 0 [pid 629] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 634] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 629] exit_group(0 [pid 634] <... futex resumed>) = ? [pid 629] <... exit_group resumed>) = ? [pid 634] +++ exited with 0 +++ [pid 629] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=629, si_uid=0, si_status=0, si_utime=5, si_stime=14} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 641] close(4 [pid 635] <... futex resumed>) = 1 [pid 630] <... futex resumed>) = 0 [pid 641] <... close resumed>) = 0 [pid 635] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 641] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 640] <... futex resumed>) = 0 [pid 630] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 630] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... restart_syscall resumed>) = 0 [pid 641] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 640] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 635] <... futex resumed>) = 0 [pid 308] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./9/binderfs") = 0 [pid 308] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 641] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 640] <... futex resumed>) = 0 [ 49.418569][ T635] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 49.427553][ T641] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 49.448004][ T643] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 49.454708][ T643] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 49.461639][ T643] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [pid 635] fspick(AT_FDCWD, "./file0", 0 [pid 643] <... mount resumed>) = 0 [pid 641] fspick(AT_FDCWD, "./file0", 0 [pid 640] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 635] <... fspick resumed>) = 4 [pid 641] <... fspick resumed>) = 4 [pid 635] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 641] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 635] <... futex resumed>) = 1 [pid 630] <... futex resumed>) = 0 [pid 641] <... futex resumed>) = 1 [pid 640] <... futex resumed>) = 0 [pid 635] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 630] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 641] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 640] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 635] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 641] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 640] <... futex resumed>) = 0 [pid 635] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 630] <... futex resumed>) = 0 [pid 641] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 640] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 635] <... fsconfig resumed>) = 0 [pid 635] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 635] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 630] <... futex resumed>) = 0 [pid 630] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 635] <... futex resumed>) = 0 [pid 630] <... futex resumed>) = 1 [pid 635] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 635] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 635] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 630] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] <... openat resumed>) = 3 [pid 630] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 635] <... futex resumed>) = 0 [pid 630] <... futex resumed>) = 1 [pid 635] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 630] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 635] <... ioctl resumed>) = 0 [pid 635] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 630] <... futex resumed>) = 0 [pid 643] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 635] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 630] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 635] <... futex resumed>) = 0 [pid 630] <... futex resumed>) = 1 [pid 635] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 630] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 635] <... prlimit64 resumed>NULL) = 0 [pid 635] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 630] <... futex resumed>) = 0 [pid 635] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 630] exit_group(0 [pid 635] <... futex resumed>) = ? [pid 630] <... exit_group resumed>) = ? [pid 635] +++ exited with 0 +++ [pid 630] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=630, si_uid=0, si_status=0, si_utime=10, si_stime=19} --- [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 641] <... fsconfig resumed>) = 0 [pid 641] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 640] <... futex resumed>) = 0 [pid 641] openat(AT_FDCWD, "./file0", O_RDONLY [pid 640] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 641] <... openat resumed>) = 5 [pid 640] <... futex resumed>) = 0 [pid 641] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 640] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 641] <... futex resumed>) = 0 [pid 640] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 641] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 640] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 640] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 641] <... ioctl resumed>) = 0 [pid 641] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 640] <... futex resumed>) = 0 [pid 641] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 640] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 641] <... prlimit64 resumed>NULL) = 0 [pid 640] <... futex resumed>) = 0 [pid 641] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 640] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 641] <... futex resumed>) = 0 [pid 640] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 641] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 640] exit_group(0 [pid 641] <... futex resumed>) = ? [pid 640] <... exit_group resumed>) = ? [pid 641] +++ exited with 0 +++ [pid 640] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=640, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] <... restart_syscall resumed>) = 0 [pid 643] <... openat resumed>) = 4 [pid 643] ioctl(4, LOOP_CLR_FD [pid 310] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 643] <... ioctl resumed>) = 0 [pid 310] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 643] close(4 [pid 310] <... openat resumed>) = 3 [pid 309] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 643] <... close resumed>) = 0 [pid 310] newfstatat(3, "", [pid 309] <... openat resumed>) = 3 [pid 643] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] newfstatat(3, "", [pid 643] <... futex resumed>) = 1 [pid 642] <... futex resumed>) = 0 [pid 310] getdents64(3, [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 643] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 642] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] getdents64(3, [pid 643] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 642] <... futex resumed>) = 0 [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 643] fspick(AT_FDCWD, "./file0", 0 [pid 642] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 643] <... fspick resumed>) = 4 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 643] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] newfstatat(AT_FDCWD, "./9/binderfs", [pid 309] newfstatat(AT_FDCWD, "./8/binderfs", [pid 643] <... futex resumed>) = 1 [pid 642] <... futex resumed>) = 0 [pid 310] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 643] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 642] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] unlink("./9/binderfs" [pid 309] unlink("./8/binderfs" [pid 643] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 642] <... futex resumed>) = 0 [pid 310] <... unlink resumed>) = 0 [pid 309] <... unlink resumed>) = 0 [pid 643] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 642] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 643] <... fsconfig resumed>) = 0 [pid 643] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 643] openat(AT_FDCWD, "./file0", O_RDONLY [pid 642] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 643] <... openat resumed>) = 5 [pid 642] <... futex resumed>) = 0 [pid 643] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 642] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] <... futex resumed>) = 0 [pid 642] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 643] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 642] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] <... ioctl resumed>) = 0 [pid 643] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 643] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 642] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 643] <... prlimit64 resumed>NULL) = 0 [pid 642] <... futex resumed>) = 0 [pid 643] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 642] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] <... futex resumed>) = 0 [pid 642] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 643] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 642] exit_group(0 [pid 643] <... futex resumed>) = ? [pid 642] <... exit_group resumed>) = ? [ 49.468297][ T643] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 643] +++ exited with 0 +++ [pid 642] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=642, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./9/binderfs") = 0 [pid 307] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./9/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./9") = 0 [pid 311] mkdir("./10", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./9/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./9") = 0 [pid 308] mkdir("./10", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 311] <... openat resumed>) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 670 ./strace-static-x86_64: Process 670 attached [pid 670] set_robust_list(0x55555b716760, 24) = 0 [pid 670] chdir("./10") = 0 [pid 670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 670] setpgid(0, 0) = 0 [pid 670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 670] write(3, "1000", 4) = 4 [pid 670] close(3) = 0 [pid 670] symlink("/dev/binderfs", "./binderfs") = 0 [pid 670] write(1, "executing program\n", 18executing program ) = 18 [pid 670] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 670] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 670] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 670] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 670] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 670] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 670] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[671]}, 88) = 671 [pid 670] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 670] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 670] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 308] <... openat resumed>) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 671 attached ./strace-static-x86_64: Process 672 attached , child_tidptr=0x55555b716750) = 672 [pid 671] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 672] set_robust_list(0x55555b716760, 24 [pid 671] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 672] <... set_robust_list resumed>) = 0 [pid 671] memfd_create("syzkaller", 0 [pid 672] chdir("./10" [pid 671] <... memfd_create resumed>) = 3 [pid 671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 672] <... chdir resumed>) = 0 [pid 671] <... mmap resumed>) = 0x7f5376fec000 [pid 672] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 672] setpgid(0, 0) = 0 [pid 672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 672] write(3, "1000", 4) = 4 [pid 672] close(3) = 0 [pid 672] symlink("/dev/binderfs", "./binderfs") = 0 [pid 672] write(1, "executing program\n", 18executing program ) = 18 [pid 672] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 672] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 672] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 672] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 672] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 672] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 672] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[673]}, 88) = 673 [pid 672] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 672] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 672] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 673 attached [pid 673] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 673] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 673] memfd_create("syzkaller", 0) = 3 [pid 673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./9/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./9") = 0 [pid 307] mkdir("./10", 0777) = 0 [pid 310] <... umount2 resumed>) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 310] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... openat resumed>) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] <... close resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 310] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 674 [pid 310] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./9/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./9") = 0 [pid 310] mkdir("./10", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3 [pid 309] <... umount2 resumed>) = 0 [pid 310] <... close resumed>) = 0 ./strace-static-x86_64: Process 674 attached [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 675 [pid 674] set_robust_list(0x55555b716760, 24 [pid 309] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./8/file0" [pid 674] <... set_robust_list resumed>) = 0 [pid 309] <... rmdir resumed>) = 0 [pid 674] chdir("./10" [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./8") = 0 [pid 674] <... chdir resumed>) = 0 [pid 674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 309] mkdir("./9", 0777 [pid 674] setpgid(0, 0) = 0 [pid 674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 309] <... mkdir resumed>) = 0 [pid 674] <... openat resumed>) = 3 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 674] write(3, "1000", 4 [pid 309] <... openat resumed>) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3 [pid 674] <... write resumed>) = 4 [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 674] close(3) = 0 [pid 674] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 675 attached [pid 309] <... clone resumed>, child_tidptr=0x55555b716750) = 676 [pid 674] <... symlink resumed>) = 0 [pid 675] set_robust_list(0x55555b716760, 24executing program [pid 674] write(1, "executing program\n", 18 [pid 675] <... set_robust_list resumed>) = 0 [pid 674] <... write resumed>) = 18 [pid 674] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 674] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 675] chdir("./10" [pid 674] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 675] <... chdir resumed>) = 0 [pid 674] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 675] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 674] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 675] <... prctl resumed>) = 0 [pid 674] <... mprotect resumed>) = 0 [pid 675] setpgid(0, 0 [pid 674] rt_sigprocmask(SIG_BLOCK, ~[], [pid 675] <... setpgid resumed>) = 0 [pid 674] <... rt_sigprocmask resumed>[], 8) = 0 [pid 674] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[677]}, 88) = 677 [pid 675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 674] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 676 attached [pid 676] set_robust_list(0x55555b716760, 24) = 0 [pid 676] chdir("./9" [pid 674] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 676] <... chdir resumed>) = 0 [pid 676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 676] setpgid(0, 0) = 0 [pid 674] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 675] <... openat resumed>) = 3 [pid 675] write(3, "1000", 4 [pid 676] write(3, "1000", 4) = 4 [pid 676] close(3) = 0 [pid 676] symlink("/dev/binderfs", "./binderfs" [pid 675] <... write resumed>) = 4 [pid 676] <... symlink resumed>) = 0 [pid 676] write(1, "executing program\n", 18 executing program [pid 675] close(3 [pid 676] <... write resumed>) = 18 [pid 676] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 676] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 676] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 676] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 676] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 676] rt_sigprocmask(SIG_BLOCK, ~[], [pid 675] <... close resumed>) = 0 [pid 676] <... rt_sigprocmask resumed>[], 8) = 0 [pid 676] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[678]}, 88) = 678 [pid 676] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 676] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 676] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 675] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 678 attached [pid 678] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 678] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 678] memfd_create("syzkaller", 0) = 3 [pid 678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 675] <... symlink resumed>) = 0 [pid 675] write(1, "executing program\n", 18./strace-static-x86_64: Process 677 attached executing program ) = 18 [pid 677] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 675] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 675] <... futex resumed>) = 0 [pid 677] memfd_create("syzkaller", 0 [pid 675] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 677] <... memfd_create resumed>) = 3 [pid 675] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 675] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 677] <... mmap resumed>) = 0x7f5376fec000 [pid 675] <... mmap resumed>) = 0x7f537f3ec000 [pid 675] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 675] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 675] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[679]}, 88) = 679 [pid 675] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 675] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 675] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 679 attached [pid 679] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 679] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 679] memfd_create("syzkaller", 0) = 3 [pid 679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 671] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 673] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 677] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 671] <... write resumed>) = 20699119 [pid 679] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 678] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 671] munmap(0x7f5376fec000, 138412032) = 0 [pid 671] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 671] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 671] close(3) = 0 [pid 671] close(4) = 0 [pid 671] mkdir("./file0", 0777) = 0 [pid 671] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 679] <... write resumed>) = 20699119 [pid 679] munmap(0x7f5376fec000, 138412032) = 0 [pid 679] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 50.096063][ T671] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 50.126437][ T671] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 679] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 679] close(3) = 0 [pid 679] close(4 [pid 673] <... write resumed>) = 20699119 [pid 673] munmap(0x7f5376fec000, 138412032) = 0 [pid 673] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 677] <... write resumed>) = 20699119 [pid 677] munmap(0x7f5376fec000, 138412032) = 0 [pid 677] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 679] <... close resumed>) = 0 [pid 677] <... openat resumed>) = 4 [pid 673] <... openat resumed>) = 4 [pid 679] mkdir("./file0", 0777 [pid 677] ioctl(4, LOOP_SET_FD, 3 [pid 673] ioctl(4, LOOP_SET_FD, 3 [pid 679] <... mkdir resumed>) = 0 [pid 679] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 678] <... write resumed>) = 20699119 [pid 678] munmap(0x7f5376fec000, 138412032) = 0 [pid 678] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 671] <... mount resumed>) = 0 [pid 671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 671] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 677] <... ioctl resumed>) = 0 [pid 673] <... ioctl resumed>) = 0 [pid 677] close(3 [pid 673] close(3 [pid 677] <... close resumed>) = 0 [pid 673] <... close resumed>) = 0 [pid 677] close(4 [pid 673] close(4 [pid 677] <... close resumed>) = 0 [pid 678] <... openat resumed>) = 4 [pid 671] <... openat resumed>) = 4 [pid 671] ioctl(4, LOOP_CLR_FD) = 0 [pid 671] close(4) = 0 [pid 671] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 670] <... futex resumed>) = 0 [pid 670] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 670] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 671] <... futex resumed>) = 1 [pid 671] fspick(AT_FDCWD, "./file0", 0 [pid 677] mkdir("./file0", 0777 [pid 671] <... fspick resumed>) = 4 [pid 671] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 670] <... futex resumed>) = 0 [pid 670] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 670] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 671] <... futex resumed>) = 1 [pid 671] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 677] <... mkdir resumed>) = 0 [pid 678] ioctl(4, LOOP_SET_FD, 3 [ 50.222339][ T671] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 50.229470][ T671] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 50.238141][ T671] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 50.246081][ T671] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 677] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 671] <... fsconfig resumed>) = 0 [pid 671] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 670] <... futex resumed>) = 0 [pid 670] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 670] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 671] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 671] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 670] <... futex resumed>) = 0 [pid 670] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 670] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 671] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 671] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 670] <... futex resumed>) = 0 [pid 670] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 670] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 671] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 671] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 670] <... futex resumed>) = 0 [pid 670] exit_group(0) = ? [pid 671] +++ exited with 0 +++ [pid 670] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=670, si_uid=0, si_status=0, si_utime=3, si_stime=15} --- [pid 311] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./10/binderfs") = 0 [pid 311] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 673] <... close resumed>) = 0 [pid 673] mkdir("./file0", 0777) = 0 [pid 673] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 678] <... ioctl resumed>) = 0 [pid 678] close(3) = 0 [ 50.303530][ T679] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 50.317097][ T679] F2FS-fs (loop3): Found nat_bits in checkpoint [ 50.342309][ T673] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 678] close(4 [pid 679] <... mount resumed>) = 0 [pid 679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 50.357456][ T673] F2FS-fs (loop1): Found nat_bits in checkpoint [ 50.360721][ T679] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 50.371123][ T679] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 50.378066][ T679] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 50.386794][ T679] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 679] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 673] <... mount resumed>) = 0 [pid 673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 673] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 678] <... close resumed>) = 0 [pid 679] <... openat resumed>) = 4 [pid 678] mkdir("./file0", 0777 [pid 679] ioctl(4, LOOP_CLR_FD [pid 678] <... mkdir resumed>) = 0 [ 50.405450][ T673] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 50.412113][ T673] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 50.419090][ T673] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 50.426776][ T673] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 50.427994][ T677] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 678] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./10/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./10") = 0 [pid 311] mkdir("./11", 0777) = 0 [ 50.454326][ T677] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 679] <... ioctl resumed>) = 0 [pid 673] <... openat resumed>) = 4 [pid 673] ioctl(4, LOOP_CLR_FD [pid 679] close(4) = 0 [pid 673] <... ioctl resumed>) = 0 [pid 673] close(4 [pid 679] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 675] <... futex resumed>) = 0 [pid 673] <... close resumed>) = 0 [pid 679] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 675] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 679] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 673] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 679] fspick(AT_FDCWD, "./file0", 0 [pid 672] <... futex resumed>) = 0 [pid 672] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 672] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 679] <... fspick resumed>) = 4 [pid 673] fspick(AT_FDCWD, "./file0", 0 [pid 679] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 673] <... fspick resumed>) = 4 [pid 311] <... openat resumed>) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 679] <... futex resumed>) = 1 [pid 675] <... futex resumed>) = 0 [pid 673] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 675] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 675] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 679] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 673] <... futex resumed>) = 1 [pid 672] <... futex resumed>) = 0 [pid 673] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 672] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 673] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 672] <... futex resumed>) = 0 [pid 673] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 672] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 699 ./strace-static-x86_64: Process 699 attached [pid 699] set_robust_list(0x55555b716760, 24) = 0 [pid 699] chdir("./11") = 0 [pid 699] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 699] setpgid(0, 0) = 0 [pid 699] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 699] write(3, "1000", 4) = 4 [pid 699] close(3) = 0 [pid 699] symlink("/dev/binderfs", "./binderfs") = 0 [pid 699] write(1, "executing program\n", 18executing program ) = 18 [pid 699] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 699] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 699] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 699] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 699] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 699] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [ 50.503096][ T678] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 50.520270][ T677] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [pid 699] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[702]}, 88) = 702 [pid 699] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 699] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 699] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 679] <... fsconfig resumed>) = 0 [pid 679] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 675] <... futex resumed>) = 0 [pid 679] openat(AT_FDCWD, "./file0", O_RDONLY [pid 675] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 679] <... openat resumed>) = 5 [pid 675] <... futex resumed>) = 0 [pid 679] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 675] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 679] <... futex resumed>) = 0 [pid 675] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 679] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 675] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 675] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 702 attached [pid 702] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 702] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 679] <... ioctl resumed>) = 0 [pid 679] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 675] <... futex resumed>) = 0 [pid 679] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 675] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 679] <... prlimit64 resumed>NULL) = 0 [pid 675] <... futex resumed>) = 0 [pid 679] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 675] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 679] <... futex resumed>) = 0 [pid 675] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 679] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] exit_group(0 [pid 679] <... futex resumed>) = ? [pid 675] <... exit_group resumed>) = ? [pid 679] +++ exited with 0 +++ [pid 675] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=675, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 702] memfd_create("syzkaller", 0) = 3 [pid 702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 673] <... fsconfig resumed>) = 0 [pid 673] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 672] <... futex resumed>) = 0 [pid 673] openat(AT_FDCWD, "./file0", O_RDONLY [pid 672] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 673] <... openat resumed>) = 5 [pid 672] <... futex resumed>) = 0 [pid 673] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 672] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 673] <... futex resumed>) = 0 [pid 672] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 673] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 672] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 672] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 673] <... ioctl resumed>) = 0 [pid 673] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 672] <... futex resumed>) = 0 [pid 673] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 672] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 673] <... prlimit64 resumed>NULL) = 0 [pid 672] <... futex resumed>) = 0 [pid 310] <... restart_syscall resumed>) = 0 [pid 673] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 672] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 673] <... futex resumed>) = 0 [pid 672] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 673] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 672] exit_group(0 [pid 310] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 673] <... futex resumed>) = ? [pid 672] <... exit_group resumed>) = ? [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 673] +++ exited with 0 +++ [pid 672] +++ exited with 0 +++ [pid 310] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=672, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./10/binderfs") = 0 [pid 310] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... restart_syscall resumed>) = 0 [pid 308] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./10/binderfs") = 0 [ 50.545826][ T677] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 50.554555][ T678] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 308] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 677] <... mount resumed>) = 0 [pid 678] <... mount resumed>) = 0 [pid 677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 678] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 677] <... openat resumed>) = 3 [pid 678] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 50.590269][ T677] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 50.598145][ T678] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 50.604713][ T678] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 50.612453][ T677] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 50.612482][ T678] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 50.628562][ T678] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 677] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 678] <... openat resumed>) = 4 [pid 677] <... openat resumed>) = 4 [pid 678] ioctl(4, LOOP_CLR_FD [pid 677] ioctl(4, LOOP_CLR_FD [pid 678] <... ioctl resumed>) = 0 [pid 677] <... ioctl resumed>) = 0 [pid 678] close(4 [pid 677] close(4 [pid 702] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 678] <... close resumed>) = 0 [pid 677] <... close resumed>) = 0 [pid 678] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 678] <... futex resumed>) = 1 [pid 677] <... futex resumed>) = 1 [pid 676] <... futex resumed>) = 0 [pid 674] <... futex resumed>) = 0 [pid 676] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 678] fspick(AT_FDCWD, "./file0", 0 [pid 677] fspick(AT_FDCWD, "./file0", 0 [pid 676] <... futex resumed>) = 0 [pid 674] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 676] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 678] <... fspick resumed>) = 4 [pid 677] <... fspick resumed>) = 4 [pid 674] <... futex resumed>) = 0 [pid 678] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 674] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 678] <... futex resumed>) = 1 [pid 677] <... futex resumed>) = 0 [pid 676] <... futex resumed>) = 0 [pid 674] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 676] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 678] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 677] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 676] <... futex resumed>) = 0 [pid 674] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 676] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 674] <... futex resumed>) = 0 [pid 674] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] <... fsconfig resumed>) = 0 [pid 677] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 674] <... futex resumed>) = 0 [pid 677] openat(AT_FDCWD, "./file0", O_RDONLY [pid 674] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] <... openat resumed>) = 5 [pid 674] <... futex resumed>) = 0 [pid 677] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 674] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] <... futex resumed>) = 0 [pid 674] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 677] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 674] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 674] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] <... ioctl resumed>) = 0 [pid 677] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 674] <... futex resumed>) = 0 [pid 677] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 674] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] <... prlimit64 resumed>NULL) = 0 [pid 674] <... futex resumed>) = 0 [pid 677] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 674] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] <... futex resumed>) = 0 [pid 674] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 677] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 674] exit_group(0 [pid 677] <... futex resumed>) = ? [pid 674] <... exit_group resumed>) = ? [pid 677] +++ exited with 0 +++ [pid 674] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=674, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 307] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./10/binderfs") = 0 [pid 307] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./10/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./10") = 0 [pid 310] mkdir("./11", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 708 ./strace-static-x86_64: Process 708 attached [pid 678] <... fsconfig resumed>) = 0 [pid 678] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 676] <... futex resumed>) = 0 [pid 708] set_robust_list(0x55555b716760, 24 [pid 678] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 676] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 708] <... set_robust_list resumed>) = 0 [pid 678] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 676] <... futex resumed>) = 0 [pid 678] openat(AT_FDCWD, "./file0", O_RDONLY [pid 708] chdir("./11" [pid 678] <... openat resumed>) = 5 [pid 676] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 708] <... chdir resumed>) = 0 [pid 678] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 676] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 708] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 678] <... futex resumed>) = 0 [pid 676] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 708] <... prctl resumed>) = 0 [pid 678] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 676] <... futex resumed>) = 0 [pid 708] setpgid(0, 0 [pid 676] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 708] <... setpgid resumed>) = 0 [pid 708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 708] write(3, "1000", 4) = 4 [pid 708] close(3) = 0 [pid 708] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 678] <... ioctl resumed>) = 0 [pid 708] write(1, "executing program\n", 18 [pid 678] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 708] <... write resumed>) = 18 [pid 678] <... futex resumed>) = 1 [pid 676] <... futex resumed>) = 0 [pid 708] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 678] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 676] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 708] <... futex resumed>) = 0 [pid 678] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 676] <... futex resumed>) = 0 [pid 708] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 678] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 676] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 708] <... rt_sigaction resumed>NULL, 8) = 0 [pid 678] <... prlimit64 resumed>NULL) = 0 [pid 708] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 678] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 708] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 678] <... futex resumed>) = 1 [pid 676] <... futex resumed>) = 0 [pid 708] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 678] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 676] exit_group(0 [pid 708] <... mmap resumed>) = 0x7f537f3ec000 [pid 676] <... exit_group resumed>) = ? [pid 678] <... futex resumed>) = ? [pid 708] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 678] +++ exited with 0 +++ [pid 676] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=676, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 708] <... mprotect resumed>) = 0 [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 708] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 708] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[709]}, 88) = 709 [pid 309] <... restart_syscall resumed>) = 0 [pid 708] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 708] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 708] <... futex resumed>) = 0 [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 708] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 309] <... openat resumed>) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./9/binderfs") = 0 [pid 309] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 709 attached [pid 709] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 709] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 709] memfd_create("syzkaller", 0) = 3 [pid 709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 702] <... write resumed>) = 20699119 [pid 702] munmap(0x7f5376fec000, 138412032) = 0 [pid 702] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] <... umount2 resumed>) = 0 [pid 702] <... openat resumed>) = 4 [pid 702] ioctl(4, LOOP_SET_FD, 3 [pid 709] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 702] <... ioctl resumed>) = 0 [pid 702] close(3) = 0 [pid 702] close(4) = 0 [pid 702] mkdir("./file0", 0777) = 0 [pid 702] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 308] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./10/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./10") = 0 [pid 308] mkdir("./11", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 713 ./strace-static-x86_64: Process 713 attached [pid 713] set_robust_list(0x55555b716760, 24) = 0 [pid 713] chdir("./11") = 0 [pid 713] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 713] setpgid(0, 0) = 0 [pid 713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 713] write(3, "1000", 4) = 4 [pid 713] close(3) = 0 [pid 713] symlink("/dev/binderfs", "./binderfs") = 0 [pid 713] write(1, "executing program\n", 18executing program ) = 18 [pid 713] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 713] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 713] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 713] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 713] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 713] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 713] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[714]}, 88) = 714 [pid 713] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 713] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 713] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 714 attached [pid 714] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 714] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 714] memfd_create("syzkaller", 0) = 3 [pid 714] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./9/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./9") = 0 [pid 309] mkdir("./10", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 50.855627][ T702] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 50.892078][ T702] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 715 [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./10/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./10") = 0 [pid 307] mkdir("./11", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 716 ./strace-static-x86_64: Process 715 attached [pid 715] set_robust_list(0x55555b716760, 24) = 0 [pid 715] chdir("./10"./strace-static-x86_64: Process 716 attached [pid 716] set_robust_list(0x55555b716760, 24) = 0 [pid 716] chdir("./11" [pid 715] <... chdir resumed>) = 0 [pid 715] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 715] setpgid(0, 0) = 0 [pid 715] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 715] write(3, "1000", 4) = 4 [pid 715] close(3) = 0 [pid 715] symlink("/dev/binderfs", "./binderfs") = 0 [pid 716] <... chdir resumed>) = 0 [pid 716] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 716] setpgid(0, 0) = 0 [pid 702] <... mount resumed>) = 0 [pid 716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 702] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 716] <... openat resumed>) = 3 [pid 702] <... openat resumed>) = 3 [pid 716] write(3, "1000", 4) = 4 [pid 702] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 716] close(3) = 0 [pid 716] symlink("/dev/binderfs", "./binderfs" [pid 702] <... openat resumed>) = 4 executing program [pid 716] <... symlink resumed>) = 0 [pid 702] ioctl(4, LOOP_CLR_FD [pid 716] write(1, "executing program\n", 18) = 18 [pid 702] <... ioctl resumed>) = 0 [pid 716] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 702] close(4 [pid 716] <... futex resumed>) = 0 [pid 716] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 702] <... close resumed>) = 0 [pid 716] <... rt_sigaction resumed>NULL, 8) = 0 [pid 716] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 702] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 716] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 702] <... futex resumed>) = 1 [pid 716] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 702] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 716] <... mmap resumed>) = 0x7f537f3ec000 [pid 716] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 699] <... futex resumed>) = 0 [pid 716] <... mprotect resumed>) = 0 [pid 699] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 699] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 716] rt_sigprocmask(SIG_BLOCK, ~[], [pid 702] <... futex resumed>) = 0 [pid 716] <... rt_sigprocmask resumed>[], 8) = 0 [pid 702] fspick(AT_FDCWD, "./file0", 0 [pid 716] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 702] <... fspick resumed>) = 4 [pid 716] <... clone3 resumed> => {parent_tid=[717]}, 88) = 717 [pid 702] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 716] rt_sigprocmask(SIG_SETMASK, [], [pid 702] <... futex resumed>) = 1 [pid 716] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 699] <... futex resumed>) = 0 [pid 716] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 702] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 699] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 716] <... futex resumed>) = 0 [pid 702] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 699] <... futex resumed>) = 0 [pid 716] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 702] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 699] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 715] write(1, "executing program\n", 18executing program ) = 18 [pid 715] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 715] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 715] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 715] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 715] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 715] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[719]}, 88) = 719 [pid 715] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 715] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 717 attached [pid 717] set_robust_list(0x7f537f40c9a0, 24./strace-static-x86_64: Process 719 attached [pid 719] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 719] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 719] memfd_create("syzkaller", 0) = 3 [pid 719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 717] <... set_robust_list resumed>) = 0 [pid 717] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 717] memfd_create("syzkaller", 0) = 3 [pid 717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 702] <... fsconfig resumed>) = 0 [pid 702] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 699] <... futex resumed>) = 0 [pid 702] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 699] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 702] <... futex resumed>) = 0 [pid 702] openat(AT_FDCWD, "./file0", O_RDONLY [pid 699] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 702] <... openat resumed>) = 5 [pid 702] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 702] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 699] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 699] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 702] <... futex resumed>) = 0 [pid 699] <... futex resumed>) = 1 [pid 702] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 699] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 702] <... ioctl resumed>) = 0 [pid 702] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 699] <... futex resumed>) = 0 [pid 702] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 699] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 702] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 699] <... futex resumed>) = 0 [pid 702] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 699] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 702] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 699] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 699] exit_group(0) = ? [pid 702] <... futex resumed>) = ? [pid 702] +++ exited with 0 +++ [pid 699] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=699, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./11/binderfs") = 0 [ 50.950095][ T702] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 50.957096][ T702] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 50.963923][ T702] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 50.970653][ T702] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 311] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 709] <... write resumed>) = 20699119 [pid 709] munmap(0x7f5376fec000, 138412032) = 0 [pid 709] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 709] ioctl(4, LOOP_SET_FD, 3 [pid 714] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 709] <... ioctl resumed>) = 0 [pid 709] close(3) = 0 [pid 709] close(4) = 0 [pid 709] mkdir("./file0", 0777) = 0 [pid 709] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 51.126193][ T709] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 51.156598][ T709] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 717] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 311] <... umount2 resumed>) = 0 [pid 719] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 311] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./11/file0" [pid 709] <... mount resumed>) = 0 [pid 311] <... rmdir resumed>) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./11" [pid 709] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 311] <... rmdir resumed>) = 0 [pid 311] mkdir("./12", 0777 [pid 709] <... openat resumed>) = 3 [pid 311] <... mkdir resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3 [pid 709] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 709] ioctl(4, LOOP_CLR_FD) = 0 [pid 709] close(4) = 0 [pid 709] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 709] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 708] <... futex resumed>) = 0 [pid 311] <... close resumed>) = 0 [pid 708] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 708] <... futex resumed>) = 1 [pid 708] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 709] <... futex resumed>) = 0 [pid 709] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 709] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 708] <... futex resumed>) = 0 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 725 [pid 708] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 708] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 709] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0./strace-static-x86_64: Process 725 attached ) = 0 [pid 709] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 708] <... futex resumed>) = 0 [pid 725] set_robust_list(0x55555b716760, 24 [pid 708] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 725] <... set_robust_list resumed>) = 0 [pid 709] openat(AT_FDCWD, "./file0", O_RDONLY [pid 708] <... futex resumed>) = 0 [pid 725] chdir("./12" [pid 709] <... openat resumed>) = 5 [pid 708] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 725] <... chdir resumed>) = 0 [pid 709] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 725] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 709] <... futex resumed>) = 1 [pid 708] <... futex resumed>) = 0 [pid 708] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 725] <... prctl resumed>) = 0 [pid 708] <... futex resumed>) = 0 [pid 725] setpgid(0, 0 [pid 709] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 708] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 725] <... setpgid resumed>) = 0 [pid 709] <... ioctl resumed>) = 0 [pid 725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 709] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 725] <... openat resumed>) = 3 [pid 709] <... futex resumed>) = 1 [pid 708] <... futex resumed>) = 0 [pid 708] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 725] write(3, "1000", 4 [pid 708] <... futex resumed>) = 0 [pid 725] <... write resumed>) = 4 [pid 709] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 708] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 725] close(3) = 0 [pid 709] <... prlimit64 resumed>NULL) = 0 [pid 725] symlink("/dev/binderfs", "./binderfs" [pid 709] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 708] <... futex resumed>) = 0 [pid 725] <... symlink resumed>) = 0 [pid 708] exit_group(0 [pid 725] write(1, "executing program\n", 18 [pid 708] <... exit_group resumed>) = ? executing program [pid 725] <... write resumed>) = 18 [pid 725] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 709] +++ exited with 0 +++ [pid 708] +++ exited with 0 +++ [pid 725] <... futex resumed>) = 0 [pid 725] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=708, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 725] <... rt_sigaction resumed>NULL, 8) = 0 [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 725] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 725] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 725] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 725] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 725] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[728]}, 88) = 728 [pid 725] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 725] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 725] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 310] <... restart_syscall resumed>) = 0 [pid 310] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./11/binderfs") = 0 [ 51.202203][ T709] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 51.209598][ T709] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 51.217236][ T709] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 51.225450][ T709] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 310] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 728 attached [pid 728] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 728] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 728] memfd_create("syzkaller", 0) = 3 [pid 728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 717] <... write resumed>) = 20699119 [pid 717] munmap(0x7f5376fec000, 138412032) = 0 [pid 717] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 717] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 717] close(3) = 0 [pid 717] close(4 [pid 714] <... write resumed>) = 20699119 [pid 714] munmap(0x7f5376fec000, 138412032) = 0 [pid 714] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 717] <... close resumed>) = 0 [pid 717] mkdir("./file0", 0777) = 0 [pid 717] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 714] <... openat resumed>) = 4 [pid 714] ioctl(4, LOOP_SET_FD, 3 [pid 728] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 714] <... ioctl resumed>) = 0 [pid 714] close(3) = 0 [pid 714] close(4) = 0 [pid 714] mkdir("./file0", 0777) = 0 [pid 714] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 719] <... write resumed>) = 20699119 [pid 719] munmap(0x7f5376fec000, 138412032) = 0 [pid 719] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 719] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 719] close(3) = 0 [pid 719] close(4) = 0 [pid 719] mkdir("./file0", 0777) = 0 [ 51.392716][ T717] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 51.419807][ T717] F2FS-fs (loop0): Found nat_bits in checkpoint [ 51.424350][ T714] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 719] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [ 51.465904][ T719] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 51.475672][ T714] F2FS-fs (loop1): Found nat_bits in checkpoint [ 51.496760][ T717] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 51.506849][ T719] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./11/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./11") = 0 [pid 310] mkdir("./12", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 738 [pid 717] <... mount resumed>) = 0 [pid 717] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 717] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 717] ioctl(4, LOOP_CLR_FD) = 0 [pid 717] close(4) = 0 [pid 717] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 717] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 716] <... futex resumed>) = 0 [pid 716] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 716] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 738 attached [pid 717] <... futex resumed>) = 0 [pid 717] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 717] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 738] set_robust_list(0x55555b716760, 24 [pid 717] <... futex resumed>) = 1 [pid 716] <... futex resumed>) = 0 [pid 738] <... set_robust_list resumed>) = 0 [pid 717] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 716] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 738] chdir("./12" [pid 717] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 716] <... futex resumed>) = 0 [pid 738] <... chdir resumed>) = 0 [pid 717] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 716] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 738] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 738] setpgid(0, 0) = 0 [pid 738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 738] write(3, "1000", 4) = 4 [pid 738] close(3) = 0 [pid 738] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 738] write(1, "executing program\n", 18) = 18 [pid 738] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 738] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 738] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 738] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 738] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 738] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 738] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[741]}, 88) = 741 [pid 738] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 738] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 51.507397][ T717] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 51.521933][ T717] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 51.531342][ T717] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 738] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 741 attached [pid 717] <... fsconfig resumed>) = 0 [pid 717] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 716] <... futex resumed>) = 0 [pid 741] set_robust_list(0x7f537f40c9a0, 24 [pid 716] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... set_robust_list resumed>) = 0 [pid 717] openat(AT_FDCWD, "./file0", O_RDONLY [pid 716] <... futex resumed>) = 0 [pid 741] rt_sigprocmask(SIG_SETMASK, [], [pid 717] <... openat resumed>) = 5 [pid 716] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 741] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 717] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] memfd_create("syzkaller", 0 [pid 717] <... futex resumed>) = 1 [pid 716] <... futex resumed>) = 0 [pid 741] <... memfd_create resumed>) = 3 [pid 716] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 717] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 716] <... futex resumed>) = 0 [pid 741] <... mmap resumed>) = 0x7f5376fec000 [pid 716] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 717] <... ioctl resumed>) = 0 [pid 717] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 716] <... futex resumed>) = 0 [pid 717] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 716] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 717] <... prlimit64 resumed>NULL) = 0 [pid 716] <... futex resumed>) = 0 [pid 717] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 716] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 717] <... futex resumed>) = 0 [pid 716] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 717] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 716] exit_group(0) = ? [pid 717] <... futex resumed>) = ? [pid 717] +++ exited with 0 +++ [pid 716] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=716, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 307] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./11/binderfs") = 0 [pid 307] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 719] <... mount resumed>) = 0 [pid 719] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 728] <... write resumed>) = 20699119 [pid 719] <... openat resumed>) = 3 [pid 719] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 719] ioctl(4, LOOP_CLR_FD) = 0 [pid 719] close(4) = 0 [pid 719] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] <... futex resumed>) = 0 [pid 715] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 719] <... futex resumed>) = 1 [pid 719] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 719] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] <... futex resumed>) = 0 [pid 715] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 719] <... futex resumed>) = 1 [pid 719] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 728] munmap(0x7f5376fec000, 138412032) = 0 [pid 728] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 51.607588][ T719] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 51.614646][ T719] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 51.619501][ T714] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 51.621503][ T719] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 51.634962][ T719] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 51.639410][ T714] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [pid 728] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 728] close(3) = 0 [pid 728] close(4 [pid 719] <... fsconfig resumed>) = 0 [pid 719] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 715] <... futex resumed>) = 0 [pid 719] openat(AT_FDCWD, "./file0", O_RDONLY [pid 715] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 719] <... openat resumed>) = 5 [pid 715] <... futex resumed>) = 0 [pid 719] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 719] <... futex resumed>) = 0 [pid 715] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 719] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 715] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 719] <... ioctl resumed>) = 0 [pid 719] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 715] <... futex resumed>) = 0 [pid 719] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 715] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 719] <... prlimit64 resumed>NULL) = 0 [pid 715] <... futex resumed>) = 0 [pid 719] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 719] <... futex resumed>) = 0 [pid 715] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 719] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 715] exit_group(0 [pid 719] <... futex resumed>) = ? [pid 715] <... exit_group resumed>) = ? [pid 719] +++ exited with 0 +++ [pid 715] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=715, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./10/binderfs") = 0 [pid 309] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 741] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 714] <... mount resumed>) = 0 [pid 714] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 714] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 728] <... close resumed>) = 0 [pid 728] mkdir("./file0", 0777) = 0 [pid 728] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./11/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./11") = 0 [pid 307] mkdir("./12", 0777) = 0 [ 51.669405][ T714] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 51.689307][ T714] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 714] <... openat resumed>) = 4 [pid 714] ioctl(4, LOOP_CLR_FD) = 0 [pid 714] close(4) = 0 [pid 714] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 713] <... futex resumed>) = 0 [pid 714] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 714] <... futex resumed>) = 0 [pid 713] <... futex resumed>) = 1 [pid 714] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 713] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 714] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 713] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 714] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 714] <... futex resumed>) = 0 [pid 713] <... futex resumed>) = 1 [pid 714] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 713] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 741] <... write resumed>) = 20699119 [pid 307] <... openat resumed>) = 3 [pid 741] munmap(0x7f5376fec000, 138412032 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 747 [pid 741] <... munmap resumed>) = 0 [pid 741] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 741] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 747 attached [pid 747] set_robust_list(0x55555b716760, 24) = 0 [pid 747] chdir("./12") = 0 [pid 747] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 747] setpgid(0, 0) = 0 [pid 747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 747] write(3, "1000", 4) = 4 [pid 747] close(3) = 0 [pid 747] symlink("/dev/binderfs", "./binderfs") = 0 [pid 747] write(1, "executing program\n", 18executing program ) = 18 [pid 747] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 747] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 747] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 747] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 747] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 747] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 747] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[751]}, 88) = 751 [pid 741] <... ioctl resumed>) = 0 [pid 741] close(3) = 0 [pid 741] close(4 [pid 747] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 747] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 747] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 751 attached [pid 714] <... fsconfig resumed>) = 0 [pid 751] set_robust_list(0x7f537f40c9a0, 24 [pid 714] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 713] <... futex resumed>) = 0 [pid 713] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 714] openat(AT_FDCWD, "./file0", O_RDONLY [pid 713] <... futex resumed>) = 0 [pid 713] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 714] <... openat resumed>) = 5 [pid 751] <... set_robust_list resumed>) = 0 [pid 751] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 51.772345][ T728] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 751] memfd_create("syzkaller", 0) = 3 [pid 751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 714] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 714] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] <... futex resumed>) = 0 [pid 713] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 714] <... futex resumed>) = 0 [pid 713] <... futex resumed>) = 1 [pid 714] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 713] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 714] <... ioctl resumed>) = 0 [pid 714] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 714] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] <... futex resumed>) = 0 [pid 713] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 714] <... futex resumed>) = 0 [pid 714] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 713] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 714] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 713] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 714] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] exit_group(0 [pid 714] <... futex resumed>) = ? [pid 713] <... exit_group resumed>) = ? [pid 714] +++ exited with 0 +++ [pid 713] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=713, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./11/binderfs") = 0 [pid 308] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 741] <... close resumed>) = 0 [pid 741] mkdir("./file0", 0777) = 0 [pid 741] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./10/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [ 51.818604][ T728] F2FS-fs (loop4): Found nat_bits in checkpoint [ 51.856313][ T741] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 309] rmdir("./10") = 0 [pid 309] mkdir("./11", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 754 ./strace-static-x86_64: Process 754 attached [pid 754] set_robust_list(0x55555b716760, 24) = 0 [pid 754] chdir("./11") = 0 [pid 754] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 754] setpgid(0, 0) = 0 [pid 754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 754] write(3, "1000", 4) = 4 [pid 754] close(3) = 0 [pid 754] symlink("/dev/binderfs", "./binderfs") = 0 [pid 754] write(1, "executing program\n", 18executing program ) = 18 [pid 754] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 754] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 754] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 754] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 754] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 754] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 754] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[755]}, 88) = 755 [pid 754] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 754] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 754] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 755 attached [pid 755] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 755] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 51.890336][ T741] F2FS-fs (loop3): Found nat_bits in checkpoint [ 51.921124][ T728] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 51.927457][ T728] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [pid 755] memfd_create("syzkaller", 0) = 3 [pid 755] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./11/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3 [pid 751] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 308] <... close resumed>) = 0 [pid 308] rmdir("./11") = 0 [pid 308] mkdir("./12", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3 [pid 728] <... mount resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 756 ./strace-static-x86_64: Process 756 attached [pid 756] set_robust_list(0x55555b716760, 24 [pid 728] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 756] <... set_robust_list resumed>) = 0 [pid 756] chdir("./12") = 0 [ 51.955422][ T728] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 51.986576][ T728] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 756] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 756] setpgid(0, 0) = 0 [pid 756] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 756] write(3, "1000", 4) = 4 [pid 756] close(3) = 0 [pid 756] symlink("/dev/binderfs", "./binderfs") = 0 [pid 756] write(1, "executing program\n", 18executing program ) = 18 [pid 756] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 756] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 756] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 756] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 756] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 756] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 756] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[757]}, 88) = 757 [pid 756] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 756] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 756] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 757 attached [pid 757] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 757] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 757] memfd_create("syzkaller", 0) = 3 [pid 728] <... openat resumed>) = 3 [pid 728] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 728] ioctl(4, LOOP_CLR_FD) = 0 [pid 728] close(4) = 0 [pid 757] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 728] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 725] <... futex resumed>) = 0 [pid 728] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 725] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 728] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 725] <... futex resumed>) = 0 [pid 728] fspick(AT_FDCWD, "./file0", 0 [pid 725] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 728] <... fspick resumed>) = 4 [pid 728] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 725] <... futex resumed>) = 0 [pid 728] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 725] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 728] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 725] <... futex resumed>) = 0 [pid 728] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 725] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 728] <... fsconfig resumed>) = 0 [pid 728] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 725] <... futex resumed>) = 0 [pid 728] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 725] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 728] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 725] <... futex resumed>) = 0 [pid 728] openat(AT_FDCWD, "./file0", O_RDONLY [pid 725] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 728] <... openat resumed>) = 5 [pid 728] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 725] <... futex resumed>) = 0 [pid 728] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 725] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 728] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 725] <... futex resumed>) = 0 [pid 728] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 725] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 728] <... ioctl resumed>) = 0 [pid 728] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 725] <... futex resumed>) = 0 [pid 728] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 725] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 728] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 725] <... futex resumed>) = 0 [pid 728] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 725] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 728] <... prlimit64 resumed>NULL) = 0 [pid 728] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 725] <... futex resumed>) = 0 [pid 728] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 725] exit_group(0 [pid 728] <... futex resumed>) = ? [pid 725] <... exit_group resumed>) = ? [pid 728] +++ exited with 0 +++ [pid 725] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=725, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 311] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 52.020729][ T741] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 52.027098][ T741] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [pid 311] unlink("./12/binderfs") = 0 [pid 311] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 741] <... mount resumed>) = 0 [pid 741] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 741] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 741] ioctl(4, LOOP_CLR_FD) = 0 [pid 741] close(4) = 0 [pid 741] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 738] <... futex resumed>) = 0 [pid 741] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 738] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 738] <... futex resumed>) = 0 [pid 741] fspick(AT_FDCWD, "./file0", 0 [pid 738] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 741] <... fspick resumed>) = 4 [pid 741] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 738] <... futex resumed>) = 0 [pid 741] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 738] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 738] <... futex resumed>) = 0 [pid 741] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 738] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 741] <... fsconfig resumed>) = 0 [pid 741] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 738] <... futex resumed>) = 0 [pid 741] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 738] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 738] <... futex resumed>) = 0 [pid 741] openat(AT_FDCWD, "./file0", O_RDONLY [pid 738] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 741] <... openat resumed>) = 5 [pid 741] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 738] <... futex resumed>) = 0 [pid 741] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 738] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 738] <... futex resumed>) = 0 [pid 741] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 738] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 741] <... ioctl resumed>) = 0 [pid 741] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 738] <... futex resumed>) = 0 [pid 741] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 738] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 738] <... futex resumed>) = 0 [pid 741] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 738] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 741] <... prlimit64 resumed>NULL) = 0 [pid 741] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 738] <... futex resumed>) = 0 [pid 741] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 738] exit_group(0 [pid 741] <... futex resumed>) = ? [pid 738] <... exit_group resumed>) = ? [ 52.064896][ T741] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 52.089338][ T741] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 741] +++ exited with 0 +++ [pid 738] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=738, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./12/binderfs") = 0 [pid 310] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 755] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 757] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 751] <... write resumed>) = 20699119 [pid 751] munmap(0x7f5376fec000, 138412032) = 0 [pid 751] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 751] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 751] close(3) = 0 [pid 751] close(4) = 0 [pid 751] mkdir("./file0", 0777) = 0 [pid 751] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./12/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./12") = 0 [pid 311] mkdir("./13", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 765 ./strace-static-x86_64: Process 765 attached [pid 765] set_robust_list(0x55555b716760, 24) = 0 [ 52.220769][ T751] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 765] chdir("./13") = 0 [pid 765] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 765] setpgid(0, 0) = 0 [pid 765] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 765] write(3, "1000", 4) = 4 [pid 765] close(3) = 0 [pid 765] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 765] write(1, "executing program\n", 18) = 18 [pid 765] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 765] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 765] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 765] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 765] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 765] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 765] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[767]}, 88) = 767 [pid 765] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 765] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 765] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 767 attached [pid 767] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 767] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 767] memfd_create("syzkaller", 0) = 3 [pid 767] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 757] <... write resumed>) = 20699119 [pid 757] munmap(0x7f5376fec000, 138412032) = 0 [pid 757] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 757] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 757] close(3) = 0 [pid 757] close(4) = 0 [pid 757] mkdir("./file0", 0777) = 0 [ 52.261865][ T751] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 757] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 52.319896][ T757] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 52.351192][ T757] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./12/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./12") = 0 [pid 310] mkdir("./13", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 771 [pid 755] <... write resumed>) = 20699119 [pid 755] munmap(0x7f5376fec000, 138412032 [pid 751] <... mount resumed>) = 0 [pid 751] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 755] <... munmap resumed>) = 0 [pid 755] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 ./strace-static-x86_64: Process 771 attached [pid 751] <... openat resumed>) = 3 [pid 755] ioctl(4, LOOP_SET_FD, 3 [pid 751] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 771] set_robust_list(0x55555b716760, 24) = 0 [pid 771] chdir("./13") = 0 [pid 771] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 771] setpgid(0, 0) = 0 [pid 771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 771] write(3, "1000", 4) = 4 [pid 771] close(3) = 0 [pid 771] symlink("/dev/binderfs", "./binderfs") = 0 [pid 771] write(1, "executing program\n", 18executing program ) = 18 [pid 771] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 771] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 771] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 771] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 771] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 771] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 771] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[773]}, 88) = 773 [pid 771] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 771] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 771] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 773 attached [pid 755] <... ioctl resumed>) = 0 [pid 751] <... openat resumed>) = 4 [pid 751] ioctl(4, LOOP_CLR_FD) = 0 [pid 751] close(4) = 0 [pid 751] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 747] <... futex resumed>) = 0 [pid 747] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 747] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 751] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 747] <... futex resumed>) = 0 [pid 747] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 747] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 773] set_robust_list(0x7f537f40c9a0, 24 [pid 755] close(3) = 0 [pid 773] <... set_robust_list resumed>) = 0 [pid 773] rt_sigprocmask(SIG_SETMASK, [], [pid 755] close(4) = 0 [pid 755] mkdir("./file0", 0777) = 0 [pid 755] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 773] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 773] memfd_create("syzkaller", 0) = 3 [pid 773] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 52.367631][ T751] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 52.375902][ T751] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 52.383767][ T751] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 52.391593][ T751] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 751] <... fsconfig resumed>) = 0 [pid 751] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 747] <... futex resumed>) = 0 [pid 751] openat(AT_FDCWD, "./file0", O_RDONLY [pid 747] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 751] <... openat resumed>) = 5 [pid 747] <... futex resumed>) = 0 [pid 751] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 747] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] <... futex resumed>) = 0 [pid 747] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 751] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 747] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 747] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] <... ioctl resumed>) = 0 [pid 751] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 747] <... futex resumed>) = 0 [pid 751] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 747] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 751] <... prlimit64 resumed>NULL) = 0 [pid 747] <... futex resumed>) = 0 [pid 751] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 747] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] <... futex resumed>) = 0 [pid 747] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 751] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 747] exit_group(0 [pid 751] <... futex resumed>) = ? [pid 747] <... exit_group resumed>) = ? [pid 751] +++ exited with 0 +++ [pid 747] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=747, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./12/binderfs") = 0 [ 52.424133][ T755] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 307] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 52.466284][ T755] F2FS-fs (loop2): Found nat_bits in checkpoint [ 52.474277][ T757] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 52.502786][ T757] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [pid 767] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 767] munmap(0x7f5376fec000, 138412032 [pid 757] <... mount resumed>) = 0 [pid 767] <... munmap resumed>) = 0 [pid 757] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 767] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 757] <... openat resumed>) = 3 [pid 767] ioctl(4, LOOP_SET_FD, 3 [ 52.523312][ T757] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 52.549546][ T757] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 757] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 767] <... ioctl resumed>) = 0 [pid 757] <... openat resumed>) = 4 [pid 767] close(3 [pid 757] ioctl(4, LOOP_CLR_FD) = 0 [pid 767] <... close resumed>) = 0 [pid 767] close(4 [pid 757] close(4 [pid 767] <... close resumed>) = 0 [pid 757] <... close resumed>) = 0 [pid 773] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 767] mkdir("./file0", 0777 [pid 757] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 755] <... mount resumed>) = 0 [pid 307] <... umount2 resumed>) = 0 [pid 767] <... mkdir resumed>) = 0 [pid 757] <... futex resumed>) = 1 [pid 756] <... futex resumed>) = 0 [pid 755] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 307] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 756] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 767] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 757] fspick(AT_FDCWD, "./file0", 0 [pid 756] <... futex resumed>) = 0 [pid 755] <... openat resumed>) = 3 [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 756] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 757] <... fspick resumed>) = 4 [pid 755] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 307] newfstatat(AT_FDCWD, "./12/file0", [pid 757] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 755] <... openat resumed>) = 4 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 757] <... futex resumed>) = 1 [pid 756] <... futex resumed>) = 0 [pid 755] ioctl(4, LOOP_CLR_FD [pid 307] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 756] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 757] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 756] <... futex resumed>) = 0 [pid 755] <... ioctl resumed>) = 0 [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 756] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 755] close(4 [pid 307] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 755] <... close resumed>) = 0 [pid 755] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... openat resumed>) = 4 [pid 755] <... futex resumed>) = 1 [pid 754] <... futex resumed>) = 0 [pid 307] newfstatat(4, "", [pid 755] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 754] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 755] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 754] <... futex resumed>) = 0 [pid 307] getdents64(4, [pid 755] fspick(AT_FDCWD, "./file0", 0 [pid 754] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 755] <... fspick resumed>) = 4 [pid 307] getdents64(4, [pid 755] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 755] <... futex resumed>) = 1 [pid 754] <... futex resumed>) = 0 [pid 307] close(4 [pid 755] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 754] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... close resumed>) = 0 [pid 755] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 754] <... futex resumed>) = 0 [pid 307] rmdir("./12/file0" [pid 755] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 754] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... rmdir resumed>) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./12") = 0 [pid 307] mkdir("./13", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 781 ./strace-static-x86_64: Process 781 attached [pid 781] set_robust_list(0x55555b716760, 24) = 0 [pid 781] chdir("./13") = 0 [pid 781] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 781] setpgid(0, 0) = 0 [pid 781] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 781] write(3, "1000", 4) = 4 [pid 781] close(3) = 0 [pid 781] symlink("/dev/binderfs", "./binderfs") = 0 [pid 781] write(1, "executing program\n", 18executing program ) = 18 [pid 781] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 781] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 781] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 781] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 781] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 781] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 781] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[783]}, 88) = 783 [pid 781] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 781] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 781] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 755] <... fsconfig resumed>) = 0 [pid 755] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 754] <... futex resumed>) = 0 [pid 755] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 754] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 755] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 754] <... futex resumed>) = 0 [pid 755] openat(AT_FDCWD, "./file0", O_RDONLY [pid 754] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 755] <... openat resumed>) = 5 [pid 755] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 754] <... futex resumed>) = 0 [pid 755] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 754] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 755] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 754] <... futex resumed>) = 0 [pid 755] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [ 52.590068][ T755] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 52.596396][ T755] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 52.603064][ T755] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 52.611512][ T755] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 52.630227][ T767] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 754] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 755] <... ioctl resumed>) = 0 [pid 755] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 754] <... futex resumed>) = 0 [pid 755] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 754] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 755] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 754] <... futex resumed>) = 0 [pid 755] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 754] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 755] <... prlimit64 resumed>NULL) = 0 [pid 755] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 754] <... futex resumed>) = 0 [pid 755] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 754] exit_group(0 [pid 755] <... futex resumed>) = ? [pid 754] <... exit_group resumed>) = ? [pid 755] +++ exited with 0 +++ [pid 754] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=754, si_uid=0, si_status=0, si_utime=3, si_stime=16} --- [pid 309] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./11/binderfs") = 0 [pid 309] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 757] <... fsconfig resumed>) = 0 [pid 757] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 756] <... futex resumed>) = 0 [pid 757] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 756] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 757] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 756] <... futex resumed>) = 0 [pid 757] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 756] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 757] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 756] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 757] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 756] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 757] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 756] <... futex resumed>) = 0 [pid 757] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 756] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 757] <... ioctl resumed>) = 0 [pid 757] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 757] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 756] <... futex resumed>) = 0 [pid 756] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 757] <... futex resumed>) = 0 [pid 756] <... futex resumed>) = 1 [pid 757] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 756] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 757] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 756] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 757] <... futex resumed>) = 0 [pid 756] exit_group(0) = ? [pid 757] +++ exited with 0 +++ ./strace-static-x86_64: Process 783 attached [pid 783] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 783] rt_sigprocmask(SIG_SETMASK, [], [pid 756] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=756, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 783] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 783] memfd_create("syzkaller", 0) = 3 [pid 783] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 308] <... restart_syscall resumed>) = 0 [pid 308] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./12/binderfs") = 0 [pid 308] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 773] <... write resumed>) = 20699119 [pid 773] munmap(0x7f5376fec000, 138412032) = 0 [ 52.681733][ T767] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 773] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 773] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 773] close(3) = 0 [pid 773] close(4) = 0 [pid 773] mkdir("./file0", 0777) = 0 [pid 773] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 767] <... mount resumed>) = 0 [pid 767] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 767] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 767] ioctl(4, LOOP_CLR_FD) = 0 [pid 767] close(4) = 0 [ 52.755844][ T767] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 52.762946][ T767] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 52.770363][ T767] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 52.781587][ T767] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 767] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 765] <... futex resumed>) = 0 [pid 767] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 765] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 767] <... futex resumed>) = 0 [pid 765] <... futex resumed>) = 1 [pid 765] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 767] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 767] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 765] <... futex resumed>) = 0 [pid 767] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 765] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 767] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 765] <... futex resumed>) = 0 [pid 767] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 765] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] <... umount2 resumed>) = 0 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./12/file0" [pid 767] <... fsconfig resumed>) = 0 [pid 767] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 765] <... futex resumed>) = 0 [pid 765] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 767] openat(AT_FDCWD, "./file0", O_RDONLY [pid 765] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 767] <... openat resumed>) = 5 [pid 767] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 765] <... futex resumed>) = 0 [pid 765] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 767] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 765] <... futex resumed>) = 0 [pid 765] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... rmdir resumed>) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 767] <... ioctl resumed>) = 0 [pid 767] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 765] <... futex resumed>) = 0 [pid 767] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 765] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 767] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 767] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 765] <... futex resumed>) = 0 [pid 767] <... prlimit64 resumed>NULL) = 0 [pid 767] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 765] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 767] <... futex resumed>) = 0 [pid 767] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 765] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 765] exit_group(0) = ? [pid 767] <... futex resumed>) = ? [pid 767] +++ exited with 0 +++ [pid 765] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=765, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 308] close(3) = 0 [pid 308] rmdir("./12") = 0 [pid 308] mkdir("./13", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3 [pid 311] <... restart_syscall resumed>) = 0 [pid 311] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./13/binderfs", [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] newfstatat(AT_FDCWD, "./11/file0", [pid 311] unlink("./13/binderfs") = 0 [ 52.812755][ T773] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 311] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./11/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./11") = 0 [pid 309] mkdir("./12", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 308] <... close resumed>) = 0 [pid 309] ioctl(3, LOOP_CLR_FD [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 309] close(3 [pid 308] <... clone resumed>, child_tidptr=0x55555b716750) = 792 [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 793 ./strace-static-x86_64: Process 792 attached [pid 792] set_robust_list(0x55555b716760, 24./strace-static-x86_64: Process 793 attached ) = 0 [pid 793] set_robust_list(0x55555b716760, 24 [pid 792] chdir("./13" [pid 793] <... set_robust_list resumed>) = 0 [pid 792] <... chdir resumed>) = 0 [pid 793] chdir("./12" [pid 792] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 793] <... chdir resumed>) = 0 [pid 792] <... prctl resumed>) = 0 [pid 793] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 792] setpgid(0, 0 [pid 793] <... prctl resumed>) = 0 [pid 792] <... setpgid resumed>) = 0 [pid 792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 793] setpgid(0, 0 [pid 792] write(3, "1000", 4 [pid 793] <... setpgid resumed>) = 0 [pid 792] <... write resumed>) = 4 [pid 792] close(3 [pid 793] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 792] <... close resumed>) = 0 [pid 793] <... openat resumed>) = 3 [pid 792] symlink("/dev/binderfs", "./binderfs" [pid 793] write(3, "1000", 4executing program [pid 792] <... symlink resumed>) = 0 [pid 793] <... write resumed>) = 4 [pid 792] write(1, "executing program\n", 18 [pid 793] close(3 [pid 792] <... write resumed>) = 18 [pid 793] <... close resumed>) = 0 [pid 793] symlink("/dev/binderfs", "./binderfs" [pid 792] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 792] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 792] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 792] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 792] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 792] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 792] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[794]}, 88) = 794 [pid 792] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 792] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 792] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 793] <... symlink resumed>) = 0 executing program [pid 793] write(1, "executing program\n", 18) = 18 [pid 793] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 793] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 793] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 783] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 793] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 793] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 793] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 793] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[795]}, 88) = 795 [pid 793] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 793] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 793] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 794 attached [pid 794] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 794] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 52.858609][ T773] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 794] memfd_create("syzkaller", 0) = 3 [pid 794] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 795 attached [pid 795] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 795] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 795] memfd_create("syzkaller", 0) = 3 [pid 795] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 773] <... mount resumed>) = 0 [pid 773] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 773] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 773] ioctl(4, LOOP_CLR_FD) = 0 [pid 773] close(4) = 0 [pid 773] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 771] <... futex resumed>) = 0 [pid 771] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 773] fspick(AT_FDCWD, "./file0", 0 [pid 771] <... futex resumed>) = 0 [pid 771] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 773] <... fspick resumed>) = 4 [pid 773] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 771] <... futex resumed>) = 0 [pid 771] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 773] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 771] <... futex resumed>) = 0 [ 52.922592][ T773] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 52.939932][ T773] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 52.946264][ T773] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 52.963404][ T773] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 771] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... umount2 resumed>) = 0 [pid 773] <... fsconfig resumed>) = 0 [pid 773] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 771] <... futex resumed>) = 0 [pid 773] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 771] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 773] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 771] <... futex resumed>) = 0 [pid 773] openat(AT_FDCWD, "./file0", O_RDONLY [pid 771] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 773] <... openat resumed>) = 5 [pid 773] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 771] <... futex resumed>) = 0 [pid 773] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 771] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 773] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 771] <... futex resumed>) = 0 [pid 773] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 771] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 773] <... ioctl resumed>) = 0 [pid 773] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 771] <... futex resumed>) = 0 [pid 771] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 773] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 771] <... futex resumed>) = 0 [pid 773] <... prlimit64 resumed>NULL) = 0 [pid 773] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 771] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 773] <... futex resumed>) = 0 [pid 771] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 773] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 771] exit_group(0 [pid 773] <... futex resumed>) = ? [pid 771] <... exit_group resumed>) = ? [pid 773] +++ exited with 0 +++ [pid 771] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=771, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", [pid 311] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] newfstatat(AT_FDCWD, "./13/file0", [pid 310] getdents64(3, [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 783] <... write resumed>) = 20699119 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, [pid 310] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 783] munmap(0x7f5376fec000, 138412032 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] newfstatat(AT_FDCWD, "./13/binderfs", [pid 311] close(4) = 0 [pid 310] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] rmdir("./13/file0" [pid 310] unlink("./13/binderfs") = 0 [pid 310] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] <... rmdir resumed>) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./13") = 0 [pid 311] mkdir("./14", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 798 [pid 783] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 798 attached [pid 798] set_robust_list(0x55555b716760, 24) = 0 [pid 798] chdir("./14" [pid 783] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 798] <... chdir resumed>) = 0 [pid 798] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 798] setpgid(0, 0) = 0 [pid 798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 798] write(3, "1000", 4) = 4 [pid 798] close(3) = 0 [pid 798] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 798] write(1, "executing program\n", 18) = 18 [pid 798] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 798] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 798] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 798] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 798] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 798] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[799]}, 88) = 799 [pid 798] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 798] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 799 attached [pid 799] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 799] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 799] memfd_create("syzkaller", 0) = 3 [pid 799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 783] <... openat resumed>) = 4 [pid 783] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 783] close(3) = 0 [pid 783] close(4) = 0 [pid 783] mkdir("./file0", 0777) = 0 [pid 783] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 53.103431][ T783] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 795] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 794] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 53.148883][ T783] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 799] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 799] munmap(0x7f5376fec000, 138412032) = 0 [pid 799] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 799] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 799] close(3) = 0 [pid 799] close(4 [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./13/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./13") = 0 [pid 310] mkdir("./14", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 799] <... close resumed>) = 0 [pid 310] <... openat resumed>) = 3 [pid 799] mkdir("./file0", 0777 [pid 310] ioctl(3, LOOP_CLR_FD [pid 799] <... mkdir resumed>) = 0 [pid 799] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 794] <... write resumed>) = 20699119 [pid 794] munmap(0x7f5376fec000, 138412032) = 0 [pid 794] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 794] <... openat resumed>) = 4 [pid 794] ioctl(4, LOOP_SET_FD, 3 [pid 310] close(3 [pid 794] <... ioctl resumed>) = 0 [pid 310] <... close resumed>) = 0 [pid 794] close(3 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 794] <... close resumed>) = 0 [pid 794] close(4 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 806 [pid 795] <... write resumed>) = 20699119 [pid 795] munmap(0x7f5376fec000, 138412032 [pid 783] <... mount resumed>) = 0 [pid 783] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 783] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 806 attached [pid 806] set_robust_list(0x55555b716760, 24) = 0 [pid 806] chdir("./14") = 0 [pid 806] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 806] setpgid(0, 0) = 0 [pid 806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 806] write(3, "1000", 4) = 4 [pid 806] close(3) = 0 [ 53.279927][ T783] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 53.286308][ T783] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 53.299372][ T783] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 53.307075][ T783] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 53.321151][ T799] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 806] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 806] write(1, "executing program\n", 18) = 18 [pid 806] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 806] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 806] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 806] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 806] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 806] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 806] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[809]}, 88) = 809 [pid 806] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 806] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 806] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 809 attached [pid 809] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 809] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 809] memfd_create("syzkaller", 0) = 3 [pid 809] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 795] <... munmap resumed>) = 0 [pid 795] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 794] <... close resumed>) = 0 [pid 794] mkdir("./file0", 0777) = 0 [ 53.337760][ T799] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 794] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 783] <... openat resumed>) = 4 [pid 799] <... mount resumed>) = 0 [pid 799] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 799] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 799] ioctl(4, LOOP_CLR_FD) = 0 [pid 799] close(4) = 0 [pid 799] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 798] <... futex resumed>) = 0 [pid 798] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] <... futex resumed>) = 1 [pid 799] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 799] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 798] <... futex resumed>) = 0 [pid 798] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] <... futex resumed>) = 1 [pid 799] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 795] <... openat resumed>) = 4 [pid 795] ioctl(4, LOOP_SET_FD, 3 [pid 783] ioctl(4, LOOP_CLR_FD [pid 799] <... fsconfig resumed>) = 0 [pid 799] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 798] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 799] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 798] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 799] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 798] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 799] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 798] exit_group(0) = ? [pid 799] +++ exited with 0 +++ [pid 798] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=798, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 795] <... ioctl resumed>) = 0 [pid 783] <... ioctl resumed>) = 0 [pid 809] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 783] close(4) = 0 [pid 795] close(3 [pid 783] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 795] <... close resumed>) = 0 [pid 783] <... futex resumed>) = 1 [pid 781] <... futex resumed>) = 0 [pid 795] close(4 [pid 783] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 781] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 783] <... futex resumed>) = 0 [pid 781] <... futex resumed>) = 1 [pid 783] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 781] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 783] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 783] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 781] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 781] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 783] <... futex resumed>) = 0 [pid 781] <... futex resumed>) = 1 [pid 783] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 781] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... restart_syscall resumed>) = 0 [pid 311] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./14/binderfs") = 0 [ 53.384316][ T799] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 53.391118][ T799] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 53.397734][ T799] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 53.404919][ T799] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 53.417969][ T794] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 311] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 783] <... fsconfig resumed>) = 0 [pid 783] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 783] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 781] <... futex resumed>) = 0 [pid 781] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 783] <... futex resumed>) = 0 [pid 781] <... futex resumed>) = 1 [pid 783] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 783] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 781] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 783] <... futex resumed>) = 0 [pid 783] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 781] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 781] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 783] <... futex resumed>) = 0 [pid 781] <... futex resumed>) = 1 [pid 783] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 781] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 783] <... ioctl resumed>) = 0 [pid 783] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 783] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 781] <... futex resumed>) = 0 [pid 781] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 783] <... futex resumed>) = 0 [pid 781] <... futex resumed>) = 1 [pid 783] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 783] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 783] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 781] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 781] exit_group(0 [pid 783] <... futex resumed>) = ? [pid 781] <... exit_group resumed>) = ? [pid 783] +++ exited with 0 +++ [pid 781] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=781, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./13/binderfs") = 0 [pid 307] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 795] <... close resumed>) = 0 [pid 311] <... umount2 resumed>) = 0 [pid 795] mkdir("./file0", 0777 [pid 311] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 795] <... mkdir resumed>) = 0 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 795] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./14/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./14") = 0 [pid 311] mkdir("./15", 0777) = 0 [ 53.445379][ T794] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 809] <... write resumed>) = 20699119 [pid 809] munmap(0x7f5376fec000, 138412032) = 0 [pid 809] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 311] <... openat resumed>) = 3 [pid 311] ioctl(3, LOOP_CLR_FD [pid 794] <... mount resumed>) = 0 [pid 794] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 53.519472][ T794] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 53.525942][ T794] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 53.533116][ T794] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 53.544442][ T794] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 53.552476][ T795] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 53.563328][ T795] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 794] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 809] <... openat resumed>) = 4 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 809] ioctl(4, LOOP_SET_FD, 3 [pid 794] <... openat resumed>) = 4 [pid 311] close(3 [pid 794] ioctl(4, LOOP_CLR_FD [pid 311] <... close resumed>) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 820 ./strace-static-x86_64: Process 820 attached [pid 820] set_robust_list(0x55555b716760, 24) = 0 [pid 820] chdir("./15") = 0 [pid 820] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 820] setpgid(0, 0) = 0 [pid 820] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 820] write(3, "1000", 4) = 4 [pid 820] close(3) = 0 [pid 820] symlink("/dev/binderfs", "./binderfs") = 0 [pid 820] write(1, "executing program\n", 18executing program ) = 18 [pid 820] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 820] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 820] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 820] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 820] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 820] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 820] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[821]}, 88) = 821 [pid 820] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 820] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 820] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 809] <... ioctl resumed>) = 0 [pid 794] <... ioctl resumed>) = 0 [pid 794] close(4 [pid 809] close(3) = 0 [pid 794] <... close resumed>) = 0 [pid 809] close(4 [pid 794] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 809] <... close resumed>) = 0 [pid 809] mkdir("./file0", 0777) = 0 [pid 809] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 794] <... futex resumed>) = 1 [pid 794] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 792] <... futex resumed>) = 0 [pid 792] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 794] <... futex resumed>) = 0 [pid 794] fspick(AT_FDCWD, "./file0", 0./strace-static-x86_64: Process 821 attached ) = 4 [pid 792] <... futex resumed>) = 1 [pid 821] set_robust_list(0x7f537f40c9a0, 24 [pid 794] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 792] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 821] <... set_robust_list resumed>) = 0 [pid 794] <... futex resumed>) = 0 [pid 792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 821] rt_sigprocmask(SIG_SETMASK, [], [pid 794] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 792] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 821] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 794] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 792] <... futex resumed>) = 0 [pid 794] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 792] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 821] memfd_create("syzkaller", 0) = 3 [pid 821] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 795] <... mount resumed>) = 0 [pid 795] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 795] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 795] ioctl(4, LOOP_CLR_FD) = 0 [pid 795] close(4) = 0 [pid 795] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 793] <... futex resumed>) = 0 [pid 793] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 793] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 795] <... futex resumed>) = 1 [pid 795] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 795] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 793] <... futex resumed>) = 0 [pid 793] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 793] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 795] <... futex resumed>) = 1 [ 53.608185][ T795] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 53.614753][ T795] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 53.621464][ T795] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 53.627922][ T795] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 53.630166][ T809] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 795] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 795] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 793] <... futex resumed>) = 0 [pid 793] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 793] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 795] <... futex resumed>) = 1 [pid 795] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 795] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 793] <... futex resumed>) = 0 [pid 793] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 793] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 795] <... futex resumed>) = 1 [pid 795] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 795] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 793] <... futex resumed>) = 0 [pid 793] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 793] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 795] <... futex resumed>) = 1 [pid 795] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 795] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 793] <... futex resumed>) = 0 [pid 793] exit_group(0) = ? [pid 795] <... futex resumed>) = ? [pid 795] +++ exited with 0 +++ [pid 793] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=793, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 794] <... fsconfig resumed>) = 0 [pid 794] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 792] <... futex resumed>) = 0 [pid 794] openat(AT_FDCWD, "./file0", O_RDONLY [pid 792] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 794] <... openat resumed>) = 5 [pid 792] <... futex resumed>) = 0 [pid 794] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 792] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 794] <... futex resumed>) = 0 [pid 792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 794] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 792] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 792] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 794] <... ioctl resumed>) = 0 [pid 794] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 792] <... futex resumed>) = 0 [pid 794] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 792] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 794] <... prlimit64 resumed>NULL) = 0 [pid 792] <... futex resumed>) = 0 [pid 794] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 792] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 794] <... futex resumed>) = 0 [pid 792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 794] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 792] exit_group(0 [pid 794] <... futex resumed>) = ? [pid 792] <... exit_group resumed>) = ? [pid 794] +++ exited with 0 +++ [pid 792] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=792, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 309] <... restart_syscall resumed>) = 0 [pid 308] <... restart_syscall resumed>) = 0 [pid 309] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 308] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 309] <... openat resumed>) = 3 [pid 308] <... openat resumed>) = 3 [pid 309] newfstatat(3, "", [pid 308] newfstatat(3, "", [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, [pid 308] getdents64(3, [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./12/binderfs", [pid 308] newfstatat(AT_FDCWD, "./13/binderfs", [pid 309] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./12/binderfs" [pid 308] unlink("./13/binderfs" [pid 309] <... unlink resumed>) = 0 [pid 308] <... unlink resumed>) = 0 [pid 309] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 53.672333][ T809] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 308] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 809] <... mount resumed>) = 0 [pid 809] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 809] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./13/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./13") = 0 [pid 307] mkdir("./14", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 809] <... openat resumed>) = 4 [pid 307] <... openat resumed>) = 3 [pid 809] ioctl(4, LOOP_CLR_FD [pid 307] ioctl(3, LOOP_CLR_FD [pid 809] <... ioctl resumed>) = 0 [pid 307] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 809] close(4) = 0 [pid 307] close(3 [pid 809] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 809] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 307] <... close resumed>) = 0 [pid 806] <... futex resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 806] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 828 [pid 809] <... futex resumed>) = 0 [pid 809] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 809] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 809] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 806] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 806] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 809] <... futex resumed>) = 0 [pid 806] <... futex resumed>) = 1 [pid 809] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 53.723697][ T809] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 53.730150][ T809] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 53.736459][ T809] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 53.742896][ T809] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 806] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 821] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 828 attached [pid 828] set_robust_list(0x55555b716760, 24) = 0 [pid 828] chdir("./14") = 0 [pid 828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 828] setpgid(0, 0) = 0 [pid 828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 828] write(3, "1000", 4) = 4 [pid 828] close(3) = 0 [pid 828] symlink("/dev/binderfs", "./binderfs") = 0 [pid 828] write(1, "executing program\n", 18executing program ) = 18 [pid 828] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 828] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 828] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 828] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 828] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 828] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 828] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[831]}, 88) = 831 [pid 828] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 828] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 828] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 809] <... fsconfig resumed>) = 0 [pid 809] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 809] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 806] <... futex resumed>) = 0 [pid 806] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 809] <... futex resumed>) = 0 [pid 806] <... futex resumed>) = 1 [pid 809] openat(AT_FDCWD, "./file0", O_RDONLY [pid 806] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 809] <... openat resumed>) = 5 [pid 809] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 806] <... futex resumed>) = 0 [pid 809] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 806] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 806] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 809] <... ioctl resumed>) = 0 [pid 809] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 809] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 806] <... futex resumed>) = 0 [pid 806] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 809] <... futex resumed>) = 0 [pid 806] <... futex resumed>) = 1 [pid 809] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 806] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 809] <... prlimit64 resumed>NULL) = 0 [pid 809] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 806] <... futex resumed>) = 0 [pid 809] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 806] exit_group(0 [pid 809] <... futex resumed>) = ? [pid 806] <... exit_group resumed>) = ? [pid 809] +++ exited with 0 +++ [pid 806] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=806, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./14/binderfs") = 0 [pid 310] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 831 attached [pid 831] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 831] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 831] memfd_create("syzkaller", 0) = 3 [pid 831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./12/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./12") = 0 [pid 309] mkdir("./13", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 832 ./strace-static-x86_64: Process 832 attached [pid 832] set_robust_list(0x55555b716760, 24) = 0 [pid 832] chdir("./13") = 0 [pid 832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 832] setpgid(0, 0) = 0 [pid 832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 832] write(3, "1000", 4) = 4 [pid 832] close(3) = 0 [pid 832] symlink("/dev/binderfs", "./binderfs") = 0 [pid 832] write(1, "executing program\n", 18executing program ) = 18 [pid 832] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 832] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 832] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 832] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 832] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 832] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 832] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[833]}, 88) = 833 [pid 832] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 832] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 832] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 833 attached [pid 833] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 833] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 833] memfd_create("syzkaller", 0) = 3 [pid 833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./13/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./13") = 0 [pid 308] mkdir("./14", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 834 ./strace-static-x86_64: Process 834 attached [pid 834] set_robust_list(0x55555b716760, 24) = 0 [pid 834] chdir("./14") = 0 [pid 834] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 834] setpgid(0, 0) = 0 [pid 834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 834] write(3, "1000", 4) = 4 [pid 834] close(3) = 0 [pid 834] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 834] write(1, "executing program\n", 18) = 18 [pid 834] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 834] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 834] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 834] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 834] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[835]}, 88) = 835 [pid 834] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 834] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 834] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 821] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 835 attached [pid 835] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 835] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 835] memfd_create("syzkaller", 0 [pid 821] munmap(0x7f5376fec000, 138412032) = 0 [pid 835] <... memfd_create resumed>) = 3 [pid 835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 821] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 310] <... umount2 resumed>) = 0 [pid 821] <... openat resumed>) = 4 [pid 821] ioctl(4, LOOP_SET_FD, 3 [pid 310] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./14/file0" [pid 831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 310] <... rmdir resumed>) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./14") = 0 [pid 310] mkdir("./15", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 821] <... ioctl resumed>) = 0 [pid 821] close(3) = 0 [pid 821] close(4) = 0 [pid 821] mkdir("./file0", 0777) = 0 [pid 821] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 837 ./strace-static-x86_64: Process 837 attached [pid 837] set_robust_list(0x55555b716760, 24) = 0 [pid 837] chdir("./15") = 0 [pid 837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 837] setpgid(0, 0) = 0 [pid 837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 837] write(3, "1000", 4) = 4 [pid 837] close(3) = 0 [pid 837] symlink("/dev/binderfs", "./binderfs") = 0 [pid 837] write(1, "executing program\n", 18executing program ) = 18 [pid 837] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 837] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 837] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 837] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 837] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[838]}, 88) = 838 [pid 837] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 837] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 837] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 838 attached [pid 838] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 838] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 838] memfd_create("syzkaller", 0) = 3 [pid 838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 54.007145][ T821] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 54.066115][ T821] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 833] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 833] munmap(0x7f5376fec000, 138412032) = 0 [pid 833] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 833] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 833] close(3) = 0 [pid 833] close(4) = 0 [pid 833] mkdir("./file0", 0777) = 0 [pid 833] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 831] <... write resumed>) = 20699119 [pid 831] munmap(0x7f5376fec000, 138412032) = 0 [pid 831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 831] ioctl(4, LOOP_SET_FD, 3 [pid 835] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 831] <... ioctl resumed>) = 0 [pid 831] close(3) = 0 [pid 831] close(4) = 0 [pid 831] mkdir("./file0", 0777) = 0 [ 54.162811][ T833] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 54.184198][ T833] F2FS-fs (loop2): Found nat_bits in checkpoint [ 54.203405][ T821] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [pid 831] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 821] <... mount resumed>) = 0 [pid 821] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 821] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 821] ioctl(4, LOOP_CLR_FD) = 0 [pid 821] close(4) = 0 [pid 821] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 820] <... futex resumed>) = 0 [pid 821] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 820] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 821] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 820] <... futex resumed>) = 0 [pid 821] fspick(AT_FDCWD, "./file0", 0 [pid 820] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 821] <... fspick resumed>) = 4 [pid 821] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 820] <... futex resumed>) = 0 [pid 821] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 820] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 821] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 820] <... futex resumed>) = 0 [pid 821] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 54.215335][ T831] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 54.229724][ T821] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 54.236351][ T821] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 54.243194][ T821] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 820] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 821] <... fsconfig resumed>) = 0 [pid 821] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 820] <... futex resumed>) = 0 [pid 821] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 820] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 821] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 820] <... futex resumed>) = 0 [pid 821] openat(AT_FDCWD, "./file0", O_RDONLY [pid 820] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 821] <... openat resumed>) = 5 [pid 821] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 820] <... futex resumed>) = 0 [pid 821] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 820] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 821] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 820] <... futex resumed>) = 0 [pid 821] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 820] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 821] <... ioctl resumed>) = 0 [pid 821] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 820] <... futex resumed>) = 0 [pid 821] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 820] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 821] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 820] <... futex resumed>) = 0 [pid 821] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 820] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 821] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 820] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 821] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 820] exit_group(0 [pid 821] <... futex resumed>) = ? [pid 820] <... exit_group resumed>) = ? [pid 821] +++ exited with 0 +++ [pid 820] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=820, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./15/binderfs") = 0 [ 54.270066][ T831] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 311] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 835] <... write resumed>) = 20699119 [pid 835] munmap(0x7f5376fec000, 138412032 [pid 833] <... mount resumed>) = 0 [pid 835] <... munmap resumed>) = 0 [pid 835] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 835] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 835] close(3) = 0 [pid 835] close(4) = 0 [pid 835] mkdir("./file0", 0777) = 0 [ 54.332053][ T833] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 54.343693][ T833] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 54.353793][ T833] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 54.360492][ T833] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 835] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 833] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 833] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 838] <... write resumed>) = 20699119 [pid 838] munmap(0x7f5376fec000, 138412032 [pid 833] ioctl(4, LOOP_CLR_FD [pid 838] <... munmap resumed>) = 0 [pid 838] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 838] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 838] close(3 [pid 833] <... ioctl resumed>) = 0 [pid 838] <... close resumed>) = 0 [pid 833] close(4) = 0 [pid 838] close(4) = 0 [ 54.387075][ T835] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 54.413928][ T831] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 54.421227][ T831] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 54.429536][ T831] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [pid 833] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] mkdir("./file0", 0777 [pid 833] <... futex resumed>) = 1 [pid 832] <... futex resumed>) = 0 [pid 838] <... mkdir resumed>) = 0 [pid 833] fspick(AT_FDCWD, "./file0", 0 [pid 832] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 833] <... fspick resumed>) = 4 [pid 832] <... futex resumed>) = 0 [pid 833] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 832] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 833] <... futex resumed>) = 0 [pid 832] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 833] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 832] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 832] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] <... mount resumed>) = 0 [pid 831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 831] ioctl(4, LOOP_CLR_FD) = 0 [pid 831] close(4) = 0 [pid 831] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 828] <... futex resumed>) = 0 [pid 828] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 828] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] <... futex resumed>) = 1 [pid 831] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 831] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 828] <... futex resumed>) = 0 [pid 828] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 828] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] <... futex resumed>) = 1 [pid 831] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 831] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 828] <... futex resumed>) = 0 [pid 828] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 828] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 833] <... fsconfig resumed>) = 0 [pid 833] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 832] <... futex resumed>) = 0 [pid 833] openat(AT_FDCWD, "./file0", O_RDONLY [pid 832] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 833] <... openat resumed>) = 5 [pid 832] <... futex resumed>) = 0 [pid 833] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 832] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 833] <... futex resumed>) = 0 [pid 832] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 833] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 832] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 833] <... ioctl resumed>) = 0 [pid 832] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 833] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 832] <... futex resumed>) = 0 [pid 833] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 832] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 833] <... prlimit64 resumed>NULL) = 0 [pid 832] <... futex resumed>) = 0 [pid 833] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 832] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 833] <... futex resumed>) = 0 [pid 832] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 833] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 832] exit_group(0 [pid 833] <... futex resumed>) = ? [pid 832] <... exit_group resumed>) = ? [pid 833] +++ exited with 0 +++ [pid 832] +++ exited with 0 +++ [pid 831] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=832, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 831] <... futex resumed>) = 1 [pid 828] <... futex resumed>) = 0 [pid 831] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 828] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 828] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] <... ioctl resumed>) = 0 [pid 831] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 828] <... futex resumed>) = 0 [pid 831] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 828] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 831] <... prlimit64 resumed>NULL) = 0 [pid 828] <... futex resumed>) = 0 [pid 831] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 828] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] <... futex resumed>) = 0 [pid 828] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 831] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 828] exit_group(0 [pid 831] <... futex resumed>) = ? [pid 828] <... exit_group resumed>) = ? [pid 831] +++ exited with 0 +++ [pid 828] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=828, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", [pid 309] <... restart_syscall resumed>) = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] <... restart_syscall resumed>) = 0 [pid 309] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] getdents64(4, [pid 309] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] <... openat resumed>) = 3 [pid 307] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] newfstatat(3, "", [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, [pid 309] getdents64(3, [pid 307] getdents64(3, [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] close(4 [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 311] <... close resumed>) = 0 [pid 309] newfstatat(AT_FDCWD, "./13/binderfs", [pid 307] newfstatat(AT_FDCWD, "./14/binderfs", [pid 311] rmdir("./15/file0" [pid 309] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./13/binderfs" [pid 307] unlink("./14/binderfs" [pid 309] <... unlink resumed>) = 0 [pid 309] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... unlink resumed>) = 0 [pid 307] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] <... rmdir resumed>) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./15") = 0 [pid 311] mkdir("./16", 0777) = 0 [ 54.429857][ T835] F2FS-fs (loop1): Found nat_bits in checkpoint [ 54.445930][ T838] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 54.454042][ T831] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 54.470729][ T838] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 835] <... mount resumed>) = 0 [pid 835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 54.522404][ T835] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 54.528815][ T835] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 54.535536][ T835] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 54.542218][ T835] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 54.547848][ T838] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 54.556563][ T838] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 54.563685][ T838] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [pid 835] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 838] <... mount resumed>) = 0 [pid 838] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 838] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 835] <... openat resumed>) = 4 [pid 311] <... openat resumed>) = 3 [pid 835] ioctl(4, LOOP_CLR_FD [pid 311] ioctl(3, LOOP_CLR_FD [pid 835] <... ioctl resumed>) = 0 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 835] close(4 [pid 311] close(3 [pid 835] <... close resumed>) = 0 [pid 311] <... close resumed>) = 0 [pid 835] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 835] <... futex resumed>) = 1 [pid 834] <... futex resumed>) = 0 [pid 835] fspick(AT_FDCWD, "./file0", 0 [pid 834] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 860 [pid 835] <... fspick resumed>) = 4 [pid 834] <... futex resumed>) = 0 [pid 835] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 835] <... futex resumed>) = 0 [pid 834] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 835] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 834] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 834] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 860 attached [pid 860] set_robust_list(0x55555b716760, 24) = 0 [pid 860] chdir("./16") = 0 [pid 860] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 860] setpgid(0, 0) = 0 [pid 860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 860] write(3, "1000", 4) = 4 [pid 860] close(3) = 0 [pid 860] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 860] write(1, "executing program\n", 18) = 18 [pid 860] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 860] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 860] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 860] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 838] <... openat resumed>) = 4 [pid 860] <... mmap resumed>) = 0x7f537f3ec000 [pid 860] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 860] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 860] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 838] ioctl(4, LOOP_CLR_FD [pid 860] <... clone3 resumed> => {parent_tid=[862]}, 88) = 862 [pid 860] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 860] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 860] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 838] <... ioctl resumed>) = 0 [pid 838] close(4) = 0 [pid 838] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 837] <... futex resumed>) = 0 [pid 838] fspick(AT_FDCWD, "./file0", 0 [pid 837] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] <... fspick resumed>) = 4 [pid 837] <... futex resumed>) = 0 [pid 838] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 837] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 838] <... futex resumed>) = 0 [pid 837] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 837] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 837] <... futex resumed>) = 0 [pid 837] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 862 attached [pid 838] <... fsconfig resumed>) = 0 [pid 838] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 838] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 862] set_robust_list(0x7f537f40c9a0, 24 [pid 837] <... futex resumed>) = 0 [pid 862] <... set_robust_list resumed>) = 0 [pid 837] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 862] rt_sigprocmask(SIG_SETMASK, [], [pid 837] <... futex resumed>) = 1 [pid 862] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 837] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 862] memfd_create("syzkaller", 0 [pid 838] <... futex resumed>) = 0 [pid 835] <... fsconfig resumed>) = 0 [pid 862] <... memfd_create resumed>) = 3 [pid 838] openat(AT_FDCWD, "./file0", O_RDONLY [pid 835] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 838] <... openat resumed>) = 5 [pid 835] <... futex resumed>) = 1 [pid 834] <... futex resumed>) = 0 [pid 838] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 835] openat(AT_FDCWD, "./file0", O_RDONLY [pid 834] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] <... futex resumed>) = 1 [pid 837] <... futex resumed>) = 0 [pid 835] <... openat resumed>) = 5 [pid 834] <... futex resumed>) = 0 [pid 837] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 837] <... futex resumed>) = 0 [pid 835] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 837] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 835] <... futex resumed>) = 0 [pid 834] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 838] <... ioctl resumed>) = 0 [pid 835] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 834] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] <... futex resumed>) = 0 [pid 838] <... futex resumed>) = 1 [pid 837] <... futex resumed>) = 0 [pid 835] <... ioctl resumed>) = 0 [pid 834] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 838] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 837] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 835] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 837] <... futex resumed>) = 0 [pid 838] <... prlimit64 resumed>NULL) = 0 [pid 837] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 835] <... futex resumed>) = 1 [pid 834] <... futex resumed>) = 0 [ 54.570953][ T838] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 838] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 835] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 834] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] <... futex resumed>) = 1 [pid 837] <... futex resumed>) = 0 [pid 835] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 834] <... futex resumed>) = 0 [pid 838] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 837] exit_group(0 [pid 835] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 834] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 838] <... futex resumed>) = ? [pid 837] <... exit_group resumed>) = ? [pid 835] <... prlimit64 resumed>NULL) = 0 [pid 838] +++ exited with 0 +++ [pid 835] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 834] <... futex resumed>) = 0 [pid 837] +++ exited with 0 +++ [pid 835] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 834] exit_group(0 [pid 835] <... futex resumed>) = ? [pid 834] <... exit_group resumed>) = ? [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=837, si_uid=0, si_status=0, si_utime=10, si_stime=19} --- [pid 835] +++ exited with 0 +++ [pid 834] +++ exited with 0 +++ [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=834, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, [pid 310] <... restart_syscall resumed>) = 0 [pid 308] <... restart_syscall resumed>) = 0 [pid 310] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 308] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] <... openat resumed>) = 3 [pid 308] <... openat resumed>) = 3 [pid 310] newfstatat(3, "", [pid 308] newfstatat(3, "", [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, [pid 308] getdents64(3, [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./15/binderfs", [pid 308] newfstatat(AT_FDCWD, "./14/binderfs", [pid 310] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./15/binderfs" [pid 308] unlink("./14/binderfs" [pid 310] <... unlink resumed>) = 0 [pid 308] <... unlink resumed>) = 0 [pid 310] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./14/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./14") = 0 [pid 307] mkdir("./15", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./13/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./13") = 0 [pid 309] mkdir("./14", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 862] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./14/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./14") = 0 [pid 308] mkdir("./15", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 309] <... openat resumed>) = 3 [pid 307] <... openat resumed>) = 3 [pid 309] ioctl(3, LOOP_CLR_FD [pid 307] ioctl(3, LOOP_CLR_FD [pid 309] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 307] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 309] close(3 [pid 307] close(3 [pid 309] <... close resumed>) = 0 [pid 307] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] <... clone resumed>, child_tidptr=0x55555b716750) = 866 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 867 [pid 308] <... openat resumed>) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 868 ./strace-static-x86_64: Process 866 attached [pid 866] set_robust_list(0x55555b716760, 24) = 0 [pid 866] chdir("./14") = 0 [pid 866] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 866] setpgid(0, 0) = 0 [pid 866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 866] write(3, "1000", 4) = 4 [pid 866] close(3) = 0 [pid 866] symlink("/dev/binderfs", "./binderfs") = 0 [pid 866] write(1, "executing program\n", 18executing program ) = 18 [pid 866] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 866] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 866] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 866] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 866] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 866] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 866] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[869]}, 88) = 869 [pid 866] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 866] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 866] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 868 attached [pid 868] set_robust_list(0x55555b716760, 24) = 0 [pid 868] chdir("./15") = 0 [pid 868] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 868] setpgid(0, 0) = 0 [pid 868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 867 attached ) = 3 [pid 868] write(3, "1000", 4) = 4 [pid 868] close(3) = 0 [pid 868] symlink("/dev/binderfs", "./binderfs") = 0 [pid 868] write(1, "executing program\n", 18executing program ) = 18 [pid 868] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 868] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 868] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 868] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 868] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 868] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 868] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[870]}, 88) = 870 [pid 868] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 868] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 868] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 870 attached [pid 870] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 870] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 870] memfd_create("syzkaller", 0) = 3 [pid 870] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 867] set_robust_list(0x55555b716760, 24./strace-static-x86_64: Process 869 attached ) = 0 [pid 869] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 867] chdir("./15" [pid 869] rt_sigprocmask(SIG_SETMASK, [], [pid 867] <... chdir resumed>) = 0 [pid 869] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 867] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 869] memfd_create("syzkaller", 0 [pid 867] <... prctl resumed>) = 0 [pid 869] <... memfd_create resumed>) = 3 [pid 867] setpgid(0, 0 [pid 869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 867] <... setpgid resumed>) = 0 [pid 869] <... mmap resumed>) = 0x7f5376fec000 [pid 867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 867] write(3, "1000", 4) = 4 [pid 867] close(3) = 0 [pid 867] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 867] write(1, "executing program\n", 18) = 18 [pid 867] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 867] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 867] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 867] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 867] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 867] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 867] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[871]}, 88) = 871 [pid 867] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 867] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 867] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 871 attached [pid 871] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 871] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 871] memfd_create("syzkaller", 0) = 3 [pid 871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 862] <... write resumed>) = 20699119 [pid 862] munmap(0x7f5376fec000, 138412032) = 0 [pid 862] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 862] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 862] close(3) = 0 [pid 862] close(4) = 0 [pid 862] mkdir("./file0", 0777) = 0 [pid 862] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 54.865940][ T862] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 870] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./15/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./15") = 0 [pid 310] mkdir("./16", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 875 ./strace-static-x86_64: Process 875 attached [pid 875] set_robust_list(0x55555b716760, 24) = 0 [pid 875] chdir("./16") = 0 [pid 875] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 875] setpgid(0, 0) = 0 [pid 875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 875] write(3, "1000", 4) = 4 [pid 875] close(3) = 0 [pid 875] symlink("/dev/binderfs", "./binderfs") = 0 [pid 875] write(1, "executing program\n", 18executing program ) = 18 [pid 875] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 875] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 875] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 875] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 875] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 875] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 875] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[876]}, 88) = 876 [pid 875] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 875] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 875] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 876 attached [pid 876] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 876] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 876] memfd_create("syzkaller", 0) = 3 [pid 876] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 54.920366][ T862] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 870] <... write resumed>) = 20699119 [pid 870] munmap(0x7f5376fec000, 138412032) = 0 [pid 870] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 870] ioctl(4, LOOP_SET_FD, 3 [pid 871] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 870] <... ioctl resumed>) = 0 [pid 870] close(3) = 0 [pid 870] close(4) = 0 [pid 870] mkdir("./file0", 0777) = 0 [pid 870] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 55.027866][ T870] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 55.048104][ T862] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 55.059312][ T862] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 55.065738][ T862] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [pid 869] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 862] <... mount resumed>) = 0 [pid 862] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 862] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 862] ioctl(4, LOOP_CLR_FD) = 0 [pid 862] close(4) = 0 [pid 862] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 860] <... futex resumed>) = 0 [pid 860] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 860] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 862] <... futex resumed>) = 1 [pid 862] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 862] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 860] <... futex resumed>) = 0 [pid 860] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 860] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 862] <... futex resumed>) = 1 [ 55.072729][ T870] F2FS-fs (loop1): Found nat_bits in checkpoint [ 55.089317][ T862] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 862] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 869] <... write resumed>) = 20699119 [pid 862] <... fsconfig resumed>) = 0 [pid 862] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 860] <... futex resumed>) = 0 [pid 860] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 860] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 862] <... futex resumed>) = 1 [pid 862] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 862] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 860] <... futex resumed>) = 0 [pid 860] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 860] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 862] <... futex resumed>) = 1 [pid 862] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 862] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 860] <... futex resumed>) = 0 [pid 860] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 860] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 862] <... futex resumed>) = 1 [pid 862] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 862] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 860] <... futex resumed>) = 0 [pid 860] exit_group(0) = ? [pid 862] <... futex resumed>) = ? [pid 862] +++ exited with 0 +++ [pid 860] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=860, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 869] munmap(0x7f5376fec000, 138412032 [pid 311] <... restart_syscall resumed>) = 0 [pid 311] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./16/binderfs") = 0 [pid 311] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 869] <... munmap resumed>) = 0 [pid 869] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 869] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 869] close(3) = 0 [pid 869] close(4) = 0 [pid 869] mkdir("./file0", 0777) = 0 [pid 869] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 55.163974][ T869] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 876] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 871] <... write resumed>) = 20699119 [pid 871] munmap(0x7f5376fec000, 138412032) = 0 [pid 871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 871] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 871] close(3) = 0 [pid 871] close(4) = 0 [pid 871] mkdir("./file0", 0777) = 0 [ 55.210093][ T869] F2FS-fs (loop2): Found nat_bits in checkpoint [ 55.225384][ T870] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 55.233014][ T870] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 55.247858][ T871] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 871] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 870] <... mount resumed>) = 0 [pid 870] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 870] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 870] ioctl(4, LOOP_CLR_FD) = 0 [ 55.273138][ T870] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 55.282540][ T871] F2FS-fs (loop0): Found nat_bits in checkpoint [ 55.301402][ T870] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 870] close(4) = 0 [pid 870] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 868] <... futex resumed>) = 0 [pid 868] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 868] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 870] <... futex resumed>) = 1 [pid 870] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 870] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 868] <... futex resumed>) = 0 [pid 868] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 868] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 870] <... futex resumed>) = 1 [pid 870] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 870] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 868] <... futex resumed>) = 0 [pid 868] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 868] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 870] <... futex resumed>) = 1 [pid 870] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 870] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 868] <... futex resumed>) = 0 [pid 868] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 868] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 870] <... futex resumed>) = 1 [pid 870] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 870] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 868] <... futex resumed>) = 0 [pid 868] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 868] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 870] <... futex resumed>) = 1 [pid 870] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 869] <... mount resumed>) = 0 [pid 870] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 868] <... futex resumed>) = 0 [pid 868] exit_group(0) = ? [pid 870] <... futex resumed>) = ? [pid 870] +++ exited with 0 +++ [pid 868] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=868, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 869] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 869] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 869] ioctl(4, LOOP_CLR_FD) = 0 [pid 869] close(4) = 0 [pid 308] <... restart_syscall resumed>) = 0 [pid 869] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 866] <... futex resumed>) = 0 [pid 869] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 866] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 869] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 866] <... futex resumed>) = 0 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 869] fspick(AT_FDCWD, "./file0", 0 [pid 866] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 869] <... fspick resumed>) = 4 [pid 308] <... openat resumed>) = 3 [pid 869] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] newfstatat(3, "", [pid 869] <... futex resumed>) = 1 [pid 866] <... futex resumed>) = 0 [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 869] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 866] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] getdents64(3, [pid 869] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 866] <... futex resumed>) = 0 [pid 308] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 869] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 866] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./15/binderfs") = 0 [pid 308] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 869] <... fsconfig resumed>) = 0 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 869] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] newfstatat(AT_FDCWD, "./16/file0", [pid 869] <... futex resumed>) = 1 [pid 866] <... futex resumed>) = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 869] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 866] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 869] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 866] <... futex resumed>) = 0 [pid 311] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 869] openat(AT_FDCWD, "./file0", O_RDONLY [pid 866] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 869] <... openat resumed>) = 5 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 869] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 869] <... futex resumed>) = 1 [pid 866] <... futex resumed>) = 0 [pid 311] <... openat resumed>) = 4 [pid 869] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 866] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] newfstatat(4, "", [pid 866] <... futex resumed>) = 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 869] <... ioctl resumed>) = 0 [pid 866] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] getdents64(4, [pid 869] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 866] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 869] <... futex resumed>) = 0 [pid 866] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 869] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 866] <... futex resumed>) = 0 [pid 311] getdents64(4, [pid 869] <... prlimit64 resumed>NULL) = 0 [pid 866] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 869] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 866] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] close(4 [pid 869] <... futex resumed>) = 0 [pid 866] exit_group(0 [pid 311] <... close resumed>) = 0 [pid 866] <... exit_group resumed>) = ? [pid 311] rmdir("./16/file0" [pid 869] +++ exited with 0 +++ [pid 866] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=866, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 311] <... rmdir resumed>) = 0 [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./16" [pid 876] <... write resumed>) = 20699119 [pid 311] <... rmdir resumed>) = 0 [pid 311] mkdir("./17", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 876] munmap(0x7f5376fec000, 138412032) = 0 [pid 876] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 309] <... restart_syscall resumed>) = 0 [pid 309] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./14/binderfs") = 0 [ 55.333195][ T869] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 55.341166][ T869] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 55.348298][ T869] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 55.356051][ T869] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 309] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 876] <... openat resumed>) = 4 [pid 876] ioctl(4, LOOP_SET_FD, 3 [pid 311] <... openat resumed>) = 3 [pid 311] ioctl(3, LOOP_CLR_FD [pid 876] <... ioctl resumed>) = 0 [pid 876] close(3) = 0 [pid 876] close(4 [pid 871] <... mount resumed>) = 0 [pid 871] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 871] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 311] close(3 [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./15/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./15") = 0 [pid 308] mkdir("./16", 0777) = 0 [ 55.404345][ T871] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 55.412032][ T871] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 55.419725][ T871] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 55.427813][ T871] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 876] <... close resumed>) = 0 [pid 871] <... openat resumed>) = 4 [pid 876] mkdir("./file0", 0777 [pid 871] ioctl(4, LOOP_CLR_FD [pid 876] <... mkdir resumed>) = 0 [pid 871] <... ioctl resumed>) = 0 [pid 876] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 871] close(4) = 0 [pid 871] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 867] <... futex resumed>) = 0 [pid 871] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 867] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 871] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 867] <... futex resumed>) = 0 [pid 871] fspick(AT_FDCWD, "./file0", 0 [pid 867] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 871] <... fspick resumed>) = 4 [pid 871] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... close resumed>) = 0 [pid 871] <... futex resumed>) = 1 [pid 867] <... futex resumed>) = 0 [pid 871] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 867] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 871] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 867] <... futex resumed>) = 0 [pid 871] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 867] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 897 [pid 308] <... openat resumed>) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 897 attached [pid 897] set_robust_list(0x55555b716760, 24) = 0 [pid 897] chdir("./17") = 0 [pid 897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 897] setpgid(0, 0) = 0 [pid 897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 897] write(3, "1000", 4) = 4 [pid 897] close(3) = 0 [pid 897] symlink("/dev/binderfs", "./binderfs") = 0 [pid 897] write(1, "executing program\n", 18executing program ) = 18 [pid 897] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 897] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 897] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 897] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 897] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 897] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 308] <... clone resumed>, child_tidptr=0x55555b716750) = 899 [pid 897] <... clone3 resumed> => {parent_tid=[900]}, 88) = 900 [pid 897] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 897] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 899 attached [pid 899] set_robust_list(0x55555b716760, 24) = 0 [pid 899] chdir("./16") = 0 [pid 899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 899] setpgid(0, 0) = 0 [pid 899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 899] write(3, "1000", 4) = 4 [pid 899] close(3) = 0 [pid 899] symlink("/dev/binderfs", "./binderfs") = 0 [pid 899] write(1, "executing program\n", 18executing program ./strace-static-x86_64: Process 900 attached [pid 871] <... fsconfig resumed>) = 0 [pid 871] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 900] set_robust_list(0x7f537f40c9a0, 24 [pid 871] <... futex resumed>) = 1 [pid 867] <... futex resumed>) = 0 [pid 871] openat(AT_FDCWD, "./file0", O_RDONLY [pid 867] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 871] <... openat resumed>) = 5 [pid 867] <... futex resumed>) = 0 [pid 871] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 867] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 871] <... futex resumed>) = 0 [pid 867] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 871] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 867] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 900] <... set_robust_list resumed>) = 0 [pid 867] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 899] <... write resumed>) = 18 [pid 899] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 899] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 899] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 899] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 871] <... ioctl resumed>) = 0 [pid 900] rt_sigprocmask(SIG_SETMASK, [], [pid 871] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 900] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 871] <... futex resumed>) = 1 [pid 867] <... futex resumed>) = 0 [pid 871] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 867] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 900] memfd_create("syzkaller", 0 [pid 871] <... prlimit64 resumed>NULL) = 0 [pid 867] <... futex resumed>) = 0 [pid 871] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 867] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 871] <... futex resumed>) = 0 [pid 867] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 871] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 867] exit_group(0 [pid 871] <... futex resumed>) = ? [pid 867] <... exit_group resumed>) = ? [pid 871] +++ exited with 0 +++ [pid 900] <... memfd_create resumed>) = 3 [pid 900] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 867] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=867, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 899] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 899] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 899] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[902]}, 88) = 902 [pid 899] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 899] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 899] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 307] <... restart_syscall resumed>) = 0 [pid 307] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./15/binderfs"./strace-static-x86_64: Process 902 attached ) = 0 [pid 307] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 902] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 902] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 902] memfd_create("syzkaller", 0) = 3 [pid 902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 55.481886][ T876] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 55.517441][ T876] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./14/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./14") = 0 [pid 309] mkdir("./15", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 903 [pid 902] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 903 attached [pid 903] set_robust_list(0x55555b716760, 24) = 0 [pid 903] chdir("./15") = 0 [pid 903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 903] setpgid(0, 0) = 0 [pid 903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 903] write(3, "1000", 4) = 4 [pid 903] close(3) = 0 [pid 903] symlink("/dev/binderfs", "./binderfs") = 0 [pid 903] write(1, "executing program\n", 18executing program ) = 18 [pid 903] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 903] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 903] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 903] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 903] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 903] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[904]}, 88) = 904 [pid 903] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 903] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 903] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 904 attached [pid 904] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 904] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 904] memfd_create("syzkaller", 0) = 3 [pid 904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 876] <... mount resumed>) = 0 [pid 876] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 876] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 876] ioctl(4, LOOP_CLR_FD) = 0 [pid 876] close(4) = 0 [pid 876] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 875] <... futex resumed>) = 0 [pid 876] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 875] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 876] <... futex resumed>) = 0 [pid 875] <... futex resumed>) = 1 [pid 876] fspick(AT_FDCWD, "./file0", 0 [pid 875] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 876] <... fspick resumed>) = 4 [pid 876] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 875] <... futex resumed>) = 0 [pid 875] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 876] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 875] <... futex resumed>) = 0 [ 55.672007][ T876] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 55.679065][ T876] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 55.699348][ T876] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 55.709607][ T876] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 875] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 876] <... fsconfig resumed>) = 0 [pid 876] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 876] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 875] <... futex resumed>) = 0 [pid 875] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 876] <... futex resumed>) = 0 [pid 875] <... futex resumed>) = 1 [pid 876] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 875] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 876] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 875] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 876] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 875] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 876] <... futex resumed>) = 0 [pid 875] <... futex resumed>) = 1 [pid 876] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 875] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 876] <... ioctl resumed>) = 0 [pid 876] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 875] <... futex resumed>) = 0 [pid 875] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 876] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 875] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 876] <... prlimit64 resumed>NULL) = 0 [pid 876] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 875] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 876] <... futex resumed>) = 0 [pid 876] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 875] exit_group(0) = ? [pid 876] <... futex resumed>) = ? [pid 876] +++ exited with 0 +++ [pid 875] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=875, si_uid=0, si_status=0, si_utime=5, si_stime=22} --- [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./15/file0") = 0 [pid 307] getdents64(3, [pid 310] <... restart_syscall resumed>) = 0 [pid 900] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 310] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./16/binderfs") = 0 [pid 310] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./15") = 0 [pid 307] mkdir("./16", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 902] <... write resumed>) = 20699119 [pid 902] munmap(0x7f5376fec000, 138412032) = 0 [pid 902] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 307] <... openat resumed>) = 3 [pid 902] ioctl(4, LOOP_SET_FD, 3 [pid 307] ioctl(3, LOOP_CLR_FD [pid 902] <... ioctl resumed>) = 0 [pid 307] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 902] close(3) = 0 [pid 307] close(3 [pid 902] close(4) = 0 [pid 307] <... close resumed>) = 0 [pid 902] mkdir("./file0", 0777 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 902] <... mkdir resumed>) = 0 [pid 902] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 908 ./strace-static-x86_64: Process 908 attached [pid 908] set_robust_list(0x55555b716760, 24) = 0 [pid 908] chdir("./16") = 0 [pid 908] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 908] setpgid(0, 0) = 0 [pid 908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 908] write(3, "1000", 4) = 4 [pid 908] close(3) = 0 [pid 908] symlink("/dev/binderfs", "./binderfs") = 0 [pid 908] write(1, "executing program\n", 18executing program ) = 18 [pid 908] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 908] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 908] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 908] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 908] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 908] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 908] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[910]}, 88) = 910 [pid 908] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 908] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 908] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 904] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 910 attached [pid 910] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 910] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 910] memfd_create("syzkaller", 0) = 3 [pid 910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 55.829956][ T902] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 900] <... write resumed>) = 20699119 [pid 900] munmap(0x7f5376fec000, 138412032) = 0 [pid 900] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 900] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 900] close(3) = 0 [pid 900] close(4) = 0 [pid 900] mkdir("./file0", 0777) = 0 [ 55.871888][ T902] F2FS-fs (loop1): Found nat_bits in checkpoint [ 55.907566][ T900] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 55.929017][ T902] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 55.936019][ T902] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 55.943371][ T902] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 55.950622][ T900] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 900] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 902] <... mount resumed>) = 0 [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./16/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 902] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 310] rmdir("./16") = 0 [pid 902] <... openat resumed>) = 3 [pid 310] mkdir("./17", 0777 [pid 904] <... write resumed>) = 20699119 [pid 904] munmap(0x7f5376fec000, 138412032) = 0 [pid 904] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 904] ioctl(4, LOOP_SET_FD, 3 [pid 310] <... mkdir resumed>) = 0 [pid 902] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 904] <... ioctl resumed>) = 0 [pid 902] <... openat resumed>) = 4 [pid 310] <... openat resumed>) = 3 [pid 902] ioctl(4, LOOP_CLR_FD [pid 310] ioctl(3, LOOP_CLR_FD [pid 902] <... ioctl resumed>) = 0 [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 902] close(4 [pid 310] close(3 [pid 902] <... close resumed>) = 0 [pid 310] <... close resumed>) = 0 [pid 902] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 902] <... futex resumed>) = 1 [pid 899] <... futex resumed>) = 0 [pid 902] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 899] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 916 [pid 902] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 899] <... futex resumed>) = 0 [pid 902] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 899] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 902] <... futex resumed>) = 0 [pid 902] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 899] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 902] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 899] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 902] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 899] <... futex resumed>) = 0 [pid 899] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 904] close(3) = 0 [pid 904] close(4) = 0 [pid 904] mkdir("./file0", 0777) = 0 [ 55.989560][ T902] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 904] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 902] <... fsconfig resumed>) = 0 [pid 902] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 899] <... futex resumed>) = 0 [pid 899] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 899] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 902] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 902] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 899] <... futex resumed>) = 0 [pid 902] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 899] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 902] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 899] <... futex resumed>) = 0 [pid 902] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 899] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 902] <... ioctl resumed>) = 0 [pid 902] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 916 attached [pid 916] set_robust_list(0x55555b716760, 24) = 0 [pid 916] chdir("./17" [pid 902] <... futex resumed>) = 1 [pid 902] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 899] <... futex resumed>) = 0 [pid 899] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 902] <... futex resumed>) = 0 [pid 902] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 902] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 899] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 902] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 899] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 899] exit_group(0) = ? [pid 902] <... futex resumed>) = ? [pid 902] +++ exited with 0 +++ [pid 899] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=899, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 916] <... chdir resumed>) = 0 [pid 916] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 916] setpgid(0, 0) = 0 [pid 916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 916] write(3, "1000", 4) = 4 [pid 916] close(3) = 0 [pid 916] symlink("/dev/binderfs", "./binderfs") = 0 [pid 916] write(1, "executing program\n", 18executing program ) = 18 [pid 916] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 916] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 916] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 916] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 916] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 308] <... restart_syscall resumed>) = 0 [pid 308] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./16/binderfs") = 0 [pid 308] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 910] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 916] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 916] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[921]}, 88) = 921 [pid 916] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 916] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 916] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 921 attached [pid 921] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 921] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 921] memfd_create("syzkaller", 0) = 3 [pid 921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 56.034872][ T904] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 56.048930][ T900] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 56.064094][ T900] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 56.079996][ T904] F2FS-fs (loop2): Found nat_bits in checkpoint [ 56.089758][ T900] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 56.118186][ T900] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 900] <... mount resumed>) = 0 [pid 900] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 900] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 900] ioctl(4, LOOP_CLR_FD) = 0 [pid 900] close(4) = 0 [pid 900] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 900] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 897] <... futex resumed>) = 0 [pid 897] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 900] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 900] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 900] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 897] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 56.142618][ T904] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [pid 900] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 910] <... write resumed>) = 20699119 [pid 900] <... fsconfig resumed>) = 0 [pid 900] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 910] munmap(0x7f5376fec000, 138412032 [pid 897] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 900] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 900] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 897] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 900] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 900] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 897] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 900] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 900] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 900] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 897] exit_group(0) = ? [pid 900] <... futex resumed>) = ? [pid 910] <... munmap resumed>) = 0 [pid 900] +++ exited with 0 +++ [pid 897] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=897, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 311] restart_syscall(<... resuming interrupted clone ...> [pid 910] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 311] <... restart_syscall resumed>) = 0 [pid 910] ioctl(4, LOOP_SET_FD, 3 [pid 311] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./17/binderfs") = 0 [pid 311] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 910] <... ioctl resumed>) = 0 [pid 910] close(3) = 0 [pid 910] close(4) = 0 [pid 910] mkdir("./file0", 0777) = 0 [ 56.184003][ T904] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 56.214593][ T910] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 910] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 921] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 904] <... mount resumed>) = 0 [pid 904] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 904] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 904] ioctl(4, LOOP_CLR_FD) = 0 [ 56.234223][ T904] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 56.242412][ T910] F2FS-fs (loop0): Found nat_bits in checkpoint [ 56.258908][ T904] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 904] close(4) = 0 [pid 904] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 903] <... futex resumed>) = 0 [pid 903] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 903] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 904] <... futex resumed>) = 1 [pid 904] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 904] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 903] <... futex resumed>) = 0 [pid 903] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 903] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 904] <... futex resumed>) = 1 [pid 904] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 921] <... write resumed>) = 20699119 [pid 904] <... fsconfig resumed>) = 0 [pid 904] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 903] <... futex resumed>) = 0 [pid 903] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 903] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 904] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 904] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 903] <... futex resumed>) = 0 [pid 903] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 903] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 904] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 904] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] munmap(0x7f5376fec000, 138412032 [pid 904] <... futex resumed>) = 1 [pid 903] <... futex resumed>) = 0 [pid 904] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 903] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 904] <... prlimit64 resumed>NULL) = 0 [pid 903] <... futex resumed>) = 0 [pid 904] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 903] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 904] <... futex resumed>) = 0 [pid 903] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 904] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 903] exit_group(0 [pid 904] <... futex resumed>) = ? [pid 903] <... exit_group resumed>) = ? [pid 904] +++ exited with 0 +++ [pid 903] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=903, si_uid=0, si_status=0, si_utime=3, si_stime=18} --- [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, [pid 921] <... munmap resumed>) = 0 [pid 921] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 921] <... openat resumed>) = 4 [pid 309] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 921] ioctl(4, LOOP_SET_FD, 3 [pid 309] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./15/binderfs") = 0 [pid 309] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 921] <... ioctl resumed>) = 0 [pid 921] close(3) = 0 [pid 921] close(4) = 0 [pid 921] mkdir("./file0", 0777) = 0 [pid 921] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./17/file0" [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] <... rmdir resumed>) = 0 [pid 311] getdents64(3, [pid 308] newfstatat(AT_FDCWD, "./16/file0", [pid 311] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./17" [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] <... rmdir resumed>) = 0 [pid 311] mkdir("./18", 0777 [pid 308] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] <... mkdir resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./16/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./16") = 0 [pid 308] mkdir("./17", 0777) = 0 [ 56.356003][ T921] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 56.380420][ T921] F2FS-fs (loop3): Found nat_bits in checkpoint [ 56.398494][ T910] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 311] <... openat resumed>) = 3 [pid 308] <... openat resumed>) = 3 [pid 311] ioctl(3, LOOP_CLR_FD [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 933 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 934 ./strace-static-x86_64: Process 934 attached [pid 934] set_robust_list(0x55555b716760, 24) = 0 [pid 910] <... mount resumed>) = 0 [pid 934] chdir("./18") = 0 [pid 910] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 934] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 910] <... openat resumed>) = 3 [pid 934] setpgid(0, 0) = 0 [pid 910] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 934] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 910] <... openat resumed>) = 4 [pid 934] <... openat resumed>) = 3 [pid 910] ioctl(4, LOOP_CLR_FD [pid 934] write(3, "1000", 4 [pid 910] <... ioctl resumed>) = 0 [pid 934] <... write resumed>) = 4 [pid 910] close(4 [pid 934] close(3) = 0 [pid 910] <... close resumed>) = 0 [pid 934] symlink("/dev/binderfs", "./binderfs" [pid 910] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 934] <... symlink resumed>) = 0 [pid 910] <... futex resumed>) = 1 [pid 908] <... futex resumed>) = 0 executing program [pid 934] write(1, "executing program\n", 18 [pid 910] fspick(AT_FDCWD, "./file0", 0 [pid 908] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 934] <... write resumed>) = 18 [pid 934] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 908] <... futex resumed>) = 0 [pid 910] <... fspick resumed>) = 4 [pid 934] <... futex resumed>) = 0 [pid 910] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 908] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 934] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 910] <... futex resumed>) = 0 [pid 908] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 934] <... rt_sigaction resumed>NULL, 8) = 0 [pid 908] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 910] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 934] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 908] <... futex resumed>) = 0 [pid 934] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 908] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 934] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 934] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 934] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 934] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[937]}, 88) = 937 [pid 934] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 934] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 934] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 910] <... fsconfig resumed>) = 0 [pid 910] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 908] <... futex resumed>) = 0 [pid 910] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 908] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 910] openat(AT_FDCWD, "./file0", O_RDONLY [pid 908] <... futex resumed>) = 0 [pid 910] <... openat resumed>) = 5 [pid 908] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 910] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 908] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 910] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 908] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 908] <... futex resumed>) = 0 [pid 910] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 908] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 910] <... ioctl resumed>) = 0 [pid 910] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 908] <... futex resumed>) = 0 [pid 910] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 908] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 908] <... futex resumed>) = 0 [pid 910] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 908] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 910] <... prlimit64 resumed>NULL) = 0 [pid 910] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 908] <... futex resumed>) = 0 [pid 910] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 908] exit_group(0 [pid 910] <... futex resumed>) = ? [pid 908] <... exit_group resumed>) = ? [pid 910] +++ exited with 0 +++ [pid 908] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=908, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 933 attached [pid 933] set_robust_list(0x55555b716760, 24) = 0 [pid 933] chdir("./17") = 0 [pid 933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 933] setpgid(0, 0) = 0 [pid 933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 933] write(3, "1000", 4) = 4 [pid 933] close(3) = 0 [pid 933] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 933] write(1, "executing program\n", 18) = 18 [pid 933] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 933] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 933] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 933] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 933] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 933] rt_sigprocmask(SIG_BLOCK, ~[], [pid 307] <... restart_syscall resumed>) = 0 [pid 307] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./16/binderfs") = 0 [pid 307] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 933] <... rt_sigprocmask resumed>[], 8) = 0 [pid 933] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0}./strace-static-x86_64: Process 937 attached [pid 937] set_robust_list(0x7f537f40c9a0, 24 [pid 933] <... clone3 resumed> => {parent_tid=[938]}, 88) = 938 [pid 937] <... set_robust_list resumed>) = 0 [pid 933] rt_sigprocmask(SIG_SETMASK, [], [pid 937] rt_sigprocmask(SIG_SETMASK, [], [pid 933] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 937] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 933] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 937] memfd_create("syzkaller", 0 [pid 933] <... futex resumed>) = 0 [pid 937] <... memfd_create resumed>) = 3 [ 56.406469][ T910] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 56.414213][ T910] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 56.425405][ T910] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 933] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 938 attached [pid 938] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 938] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 938] memfd_create("syzkaller", 0) = 3 [pid 921] <... mount resumed>) = 0 [pid 938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 938] <... mmap resumed>) = 0x7f5376fec000 [pid 921] <... openat resumed>) = 3 [pid 921] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 921] ioctl(4, LOOP_CLR_FD) = 0 [pid 921] close(4) = 0 [pid 921] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 916] <... futex resumed>) = 0 [pid 921] fspick(AT_FDCWD, "./file0", 0 [pid 916] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... fspick resumed>) = 4 [pid 916] <... futex resumed>) = 0 [pid 921] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 916] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 921] <... futex resumed>) = 0 [pid 916] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 921] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 916] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 56.471882][ T921] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 56.479857][ T921] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 56.486736][ T921] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 56.493596][ T921] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 916] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 921] <... fsconfig resumed>) = 0 [pid 921] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 916] <... futex resumed>) = 0 [pid 921] openat(AT_FDCWD, "./file0", O_RDONLY [pid 916] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... openat resumed>) = 5 [pid 916] <... futex resumed>) = 0 [pid 921] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 916] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 921] <... futex resumed>) = 0 [pid 916] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 921] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 916] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 916] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 921] <... ioctl resumed>) = 0 [pid 921] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 916] <... futex resumed>) = 0 [pid 921] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 916] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... prlimit64 resumed>NULL) = 0 [pid 916] <... futex resumed>) = 0 [pid 921] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 916] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 921] <... futex resumed>) = 0 [pid 916] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 921] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 916] exit_group(0 [pid 921] <... futex resumed>) = ? [pid 916] <... exit_group resumed>) = ? [pid 921] +++ exited with 0 +++ [pid 916] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=916, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./17/binderfs") = 0 [pid 310] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 309] <... umount2 resumed>) = 0 [pid 937] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 309] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./15/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./15") = 0 [pid 309] mkdir("./16", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./16/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./16") = 0 [pid 307] mkdir("./17", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 309] <... openat resumed>) = 3 [pid 307] <... openat resumed>) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3 [pid 309] ioctl(3, LOOP_CLR_FD [pid 307] <... close resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 309] close(3 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 941 [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program , child_tidptr=0x55555b716750) = 942 ./strace-static-x86_64: Process 941 attached [pid 941] set_robust_list(0x55555b716760, 24) = 0 [pid 941] chdir("./17") = 0 [pid 941] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 941] setpgid(0, 0) = 0 [pid 941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 941] write(3, "1000", 4) = 4 [pid 941] close(3) = 0 [pid 941] symlink("/dev/binderfs", "./binderfs") = 0 [pid 941] write(1, "executing program\n", 18) = 18 [pid 941] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 941] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 941] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 941] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 941] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 941] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 941] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[943]}, 88) = 943 [pid 941] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 941] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 941] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 942 attached ./strace-static-x86_64: Process 943 attached [pid 943] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 943] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 942] set_robust_list(0x55555b716760, 24 [pid 943] memfd_create("syzkaller", 0) = 3 [pid 942] <... set_robust_list resumed>) = 0 [pid 943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 942] chdir("./16") = 0 [pid 942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 942] setpgid(0, 0) = 0 [pid 942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 942] write(3, "1000", 4executing program ) = 4 [pid 942] close(3) = 0 [pid 942] symlink("/dev/binderfs", "./binderfs") = 0 [pid 942] write(1, "executing program\n", 18) = 18 [pid 942] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 942] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 942] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 942] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 942] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 942] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 942] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[944]}, 88) = 944 [pid 942] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 942] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 942] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 944 attached [pid 944] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 944] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 944] memfd_create("syzkaller", 0) = 3 [pid 944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 938] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./17/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./17") = 0 [pid 310] mkdir("./18", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 945 ./strace-static-x86_64: Process 945 attached [pid 945] set_robust_list(0x55555b716760, 24) = 0 [pid 945] chdir("./18") = 0 [pid 945] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 945] setpgid(0, 0) = 0 [pid 945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 945] write(3, "1000", 4) = 4 [pid 945] close(3 [pid 937] <... write resumed>) = 20699119 [pid 945] <... close resumed>) = 0 [pid 945] symlink("/dev/binderfs", "./binderfs" [pid 937] munmap(0x7f5376fec000, 138412032 [pid 945] <... symlink resumed>) = 0 [pid 945] write(1, "executing program\n", 18executing program ) = 18 [pid 945] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 945] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 945] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 945] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 945] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 945] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 945] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[946]}, 88) = 946 [pid 945] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 945] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 945] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 937] <... munmap resumed>) = 0 [pid 937] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 937] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 946 attached ) = 0 [pid 946] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 946] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 946] memfd_create("syzkaller", 0 [pid 937] close(3 [pid 946] <... memfd_create resumed>) = 3 [pid 946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 937] <... close resumed>) = 0 [pid 937] close(4) = 0 [pid 937] mkdir("./file0", 0777) = 0 [pid 937] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 56.785826][ T937] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 56.834038][ T937] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 943] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 937] <... mount resumed>) = 0 [pid 937] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 937] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 937] ioctl(4, LOOP_CLR_FD) = 0 [pid 937] close(4) = 0 [pid 937] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 934] <... futex resumed>) = 0 [pid 937] <... futex resumed>) = 1 [pid 937] fspick(AT_FDCWD, "./file0", 0 [pid 934] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 934] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 937] <... fspick resumed>) = 4 [pid 937] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 934] <... futex resumed>) = 0 [pid 937] <... futex resumed>) = 1 [pid 934] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 937] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 934] <... futex resumed>) = 0 [pid 934] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 938] <... write resumed>) = 20699119 [pid 938] munmap(0x7f5376fec000, 138412032) = 0 [pid 938] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 938] ioctl(4, LOOP_SET_FD, 3 [pid 944] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 937] <... fsconfig resumed>) = 0 [pid 937] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 934] <... futex resumed>) = 0 [pid 934] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 937] openat(AT_FDCWD, "./file0", O_RDONLY [pid 934] <... futex resumed>) = 0 [pid 937] <... openat resumed>) = 5 [pid 934] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 937] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 934] <... futex resumed>) = 0 [pid 934] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 937] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 934] <... futex resumed>) = 0 [pid 934] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 937] <... ioctl resumed>) = 0 [pid 938] <... ioctl resumed>) = 0 [pid 937] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 934] <... futex resumed>) = 0 [pid 937] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 938] close(3 [pid 934] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 938] <... close resumed>) = 0 [pid 938] close(4) = 0 [pid 938] mkdir("./file0", 0777) = 0 [pid 937] <... futex resumed>) = 0 [pid 934] <... futex resumed>) = 1 [pid 937] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 937] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 937] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 938] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 934] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 934] exit_group(0 [pid 937] <... futex resumed>) = ? [pid 934] <... exit_group resumed>) = ? [pid 937] +++ exited with 0 +++ [pid 934] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=934, si_uid=0, si_status=0, si_utime=5, si_stime=19} --- [ 56.888836][ T937] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 56.896073][ T937] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 56.902812][ T937] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 56.910123][ T937] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./18/binderfs") = 0 [pid 311] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 943] <... write resumed>) = 20699119 [ 56.954631][ T938] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 943] munmap(0x7f5376fec000, 138412032) = 0 [pid 943] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 944] <... write resumed>) = 20699119 [pid 943] <... openat resumed>) = 4 [pid 943] ioctl(4, LOOP_SET_FD, 3 [pid 944] munmap(0x7f5376fec000, 138412032) = 0 [pid 944] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 943] <... ioctl resumed>) = 0 [pid 943] close(3 [pid 944] ioctl(4, LOOP_SET_FD, 3 [pid 943] <... close resumed>) = 0 [pid 943] close(4) = 0 [pid 943] mkdir("./file0", 0777) = 0 [pid 943] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 944] <... ioctl resumed>) = 0 [pid 944] close(3) = 0 [ 57.001590][ T938] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 944] close(4) = 0 [pid 944] mkdir("./file0", 0777) = 0 [pid 944] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 946] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 57.049164][ T943] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 57.061615][ T944] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 311] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./18/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./18") = 0 [pid 311] mkdir("./19", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 961 ./strace-static-x86_64: Process 961 attached [pid 961] set_robust_list(0x55555b716760, 24) = 0 [pid 961] chdir("./19") = 0 [pid 961] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 961] setpgid(0, 0) = 0 [pid 961] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 57.094298][ T943] F2FS-fs (loop0): Found nat_bits in checkpoint [ 57.103177][ T944] F2FS-fs (loop2): Found nat_bits in checkpoint [ 57.117674][ T938] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 57.126395][ T938] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 57.133197][ T938] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 executing program [pid 961] write(3, "1000", 4) = 4 [pid 961] close(3) = 0 [pid 961] symlink("/dev/binderfs", "./binderfs") = 0 [pid 961] write(1, "executing program\n", 18) = 18 [pid 961] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 961] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 961] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 961] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 961] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 961] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[962]}, 88) = 962 [pid 961] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 961] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 938] <... mount resumed>) = 0 [pid 938] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 962 attached [pid 962] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 962] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 938] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 962] memfd_create("syzkaller", 0 [pid 938] <... openat resumed>) = 4 [pid 962] <... memfd_create resumed>) = 3 [pid 938] ioctl(4, LOOP_CLR_FD [pid 962] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 938] <... ioctl resumed>) = 0 [pid 938] close(4) = 0 [pid 938] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 933] <... futex resumed>) = 0 [pid 933] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 933] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 938] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 938] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 933] <... futex resumed>) = 0 [pid 933] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 933] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 938] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 938] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 933] <... futex resumed>) = 0 [pid 933] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 933] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 938] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 938] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 933] <... futex resumed>) = 0 [pid 933] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 57.141484][ T938] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 933] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 938] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 938] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 933] <... futex resumed>) = 0 [pid 933] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 933] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 938] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 938] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 933] <... futex resumed>) = 0 [pid 933] exit_group(0) = ? [pid 938] +++ exited with 0 +++ [pid 933] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=933, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./17/binderfs") = 0 [pid 308] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 943] <... mount resumed>) = 0 [pid 943] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 943] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 943] ioctl(4, LOOP_CLR_FD) = 0 [pid 943] close(4) = 0 [pid 943] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 941] <... futex resumed>) = 0 [pid 941] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 941] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 943] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 943] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 941] <... futex resumed>) = 0 [pid 941] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 941] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 57.206469][ T943] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 57.214082][ T943] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 57.221056][ T943] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 57.228295][ T943] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 943] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 943] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 941] <... futex resumed>) = 0 [pid 941] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 941] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 943] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 943] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 941] <... futex resumed>) = 0 [pid 941] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 941] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 943] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 943] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 941] <... futex resumed>) = 0 [pid 941] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 941] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 943] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 943] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 941] <... futex resumed>) = 0 [pid 941] exit_group(0) = ? [pid 943] +++ exited with 0 +++ [pid 941] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=941, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./17/binderfs") = 0 [pid 307] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 946] <... write resumed>) = 20699119 [ 57.261177][ T944] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [pid 946] munmap(0x7f5376fec000, 138412032) = 0 [pid 946] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 944] <... mount resumed>) = 0 [pid 944] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 962] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 946] <... openat resumed>) = 4 [pid 944] <... openat resumed>) = 3 [pid 946] ioctl(4, LOOP_SET_FD, 3 [pid 944] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 946] <... ioctl resumed>) = 0 [pid 944] <... openat resumed>) = 4 [pid 944] ioctl(4, LOOP_CLR_FD [pid 946] close(3) = 0 [pid 946] close(4) = 0 [pid 946] mkdir("./file0", 0777 [pid 944] <... ioctl resumed>) = 0 [pid 946] <... mkdir resumed>) = 0 [pid 944] close(4 [pid 946] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 944] <... close resumed>) = 0 [pid 944] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 942] <... futex resumed>) = 0 [pid 944] fspick(AT_FDCWD, "./file0", 0 [pid 942] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 944] <... fspick resumed>) = 4 [pid 942] <... futex resumed>) = 0 [pid 944] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 942] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 944] <... futex resumed>) = 0 [pid 942] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 944] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [ 57.302879][ T944] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 57.313710][ T944] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 57.320765][ T944] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 942] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 944] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 942] <... futex resumed>) = 0 [pid 944] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 942] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 944] <... fsconfig resumed>) = 0 [pid 944] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 942] <... futex resumed>) = 0 [pid 942] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 944] openat(AT_FDCWD, "./file0", O_RDONLY [pid 942] <... futex resumed>) = 0 [pid 944] <... openat resumed>) = 5 [pid 942] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 944] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 942] <... futex resumed>) = 0 [pid 944] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 942] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 942] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 944] <... ioctl resumed>) = 0 [pid 944] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 942] <... futex resumed>) = 0 [pid 944] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 942] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 944] <... prlimit64 resumed>NULL) = 0 [pid 942] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 944] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 942] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 944] <... futex resumed>) = 0 [pid 942] exit_group(0 [pid 944] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 942] <... exit_group resumed>) = ? [pid 944] <... futex resumed>) = -1 (errno 18446744073709551414) [pid 944] +++ exited with 0 +++ [pid 942] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=942, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./16/binderfs") = 0 [pid 309] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... umount2 resumed>) = 0 [pid 308] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./17/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./17") = 0 [pid 308] mkdir("./18", 0777) = 0 [ 57.361672][ T946] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 57.398650][ T946] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3 [pid 946] <... mount resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 946] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 946] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 946] ioctl(4, LOOP_CLR_FD) = 0 [pid 946] close(4) = 0 [pid 946] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 946] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 945] <... futex resumed>) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 945] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 308] <... clone resumed>, child_tidptr=0x55555b716750) = 973 [pid 946] <... futex resumed>) = 0 [pid 946] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 946] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 946] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 945] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 945] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 946] <... futex resumed>) = 0 [pid 945] <... futex resumed>) = 1 [pid 946] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 945] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 973 attached [pid 973] set_robust_list(0x55555b716760, 24) = 0 [pid 973] chdir("./18") = 0 [pid 973] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 973] setpgid(0, 0) = 0 [pid 973] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 973] write(3, "1000", 4) = 4 [pid 973] close(3) = 0 [pid 973] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 973] write(1, "executing program\n", 18) = 18 [pid 973] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 973] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 973] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 973] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 973] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 973] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 973] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[975]}, 88) = 975 [pid 973] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 973] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 973] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 975 attached [pid 975] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 975] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 975] memfd_create("syzkaller", 0) = 3 [pid 975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 307] <... umount2 resumed>) = 0 [pid 946] <... fsconfig resumed>) = 0 [pid 946] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 946] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 945] <... futex resumed>) = 0 [pid 945] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 946] <... futex resumed>) = 0 [pid 945] <... futex resumed>) = 1 [pid 946] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 946] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 946] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 945] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 945] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 946] <... futex resumed>) = 0 [pid 945] <... futex resumed>) = 1 [pid 946] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 945] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 946] <... ioctl resumed>) = 0 [pid 946] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 946] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 945] <... futex resumed>) = 0 [pid 945] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 946] <... futex resumed>) = 0 [pid 945] <... futex resumed>) = 1 [pid 946] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 946] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 946] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 945] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 945] exit_group(0 [pid 946] <... futex resumed>) = ? [pid 946] +++ exited with 0 +++ [pid 945] <... exit_group resumed>) = ? [pid 945] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=945, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [ 57.443256][ T946] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 57.450142][ T946] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 57.456904][ T946] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 57.464140][ T946] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 307] newfstatat(AT_FDCWD, "./17/file0", [pid 310] <... openat resumed>) = 3 [pid 310] newfstatat(3, "", [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] getdents64(3, [pid 307] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./18/binderfs", [pid 307] <... openat resumed>) = 4 [pid 310] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] newfstatat(4, "", [pid 310] unlink("./18/binderfs") = 0 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./17/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./17") = 0 [pid 307] mkdir("./18", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 962] <... write resumed>) = 20699119 [pid 962] munmap(0x7f5376fec000, 138412032) = 0 [pid 962] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./16/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./16" [pid 975] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 309] <... rmdir resumed>) = 0 [pid 309] mkdir("./17", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 962] <... openat resumed>) = 4 [pid 307] <... openat resumed>) = 3 [pid 309] <... openat resumed>) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3 [pid 962] ioctl(4, LOOP_SET_FD, 3 [pid 307] ioctl(3, LOOP_CLR_FD [pid 962] <... ioctl resumed>) = 0 [pid 307] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 962] close(3 [pid 307] close(3 [pid 962] <... close resumed>) = 0 [pid 307] <... close resumed>) = 0 [pid 962] close(4 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 962] <... close resumed>) = 0 [pid 962] mkdir("./file0", 0777) = 0 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 978 [pid 962] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 979 ./strace-static-x86_64: Process 978 attached [pid 978] set_robust_list(0x55555b716760, 24) = 0 [pid 978] chdir("./18") = 0 [pid 978] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 978] setpgid(0, 0) = 0 [pid 978] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 979 attached [pid 979] set_robust_list(0x55555b716760, 24 [pid 978] write(3, "1000", 4) = 4 [pid 978] close(3 [pid 979] <... set_robust_list resumed>) = 0 [pid 978] <... close resumed>) = 0 [pid 979] chdir("./17" [pid 978] symlink("/dev/binderfs", "./binderfs") = 0 [pid 979] <... chdir resumed>) = 0 [pid 979] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 979] setpgid(0, 0) = 0 executing program [pid 979] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 978] write(1, "executing program\n", 18) = 18 [pid 978] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 979] <... openat resumed>) = 3 [pid 978] <... futex resumed>) = 0 [pid 978] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 978] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 978] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 978] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 979] write(3, "1000", 4 [pid 978] rt_sigprocmask(SIG_BLOCK, ~[], [pid 979] <... write resumed>) = 4 [pid 979] close(3) = 0 [pid 979] symlink("/dev/binderfs", "./binderfs") = 0 [pid 978] <... rt_sigprocmask resumed>[], 8) = 0 [pid 978] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 979] write(1, "executing program\n", 18executing program [pid 978] <... clone3 resumed> => {parent_tid=[980]}, 88) = 980 [pid 979] <... write resumed>) = 18 [pid 978] rt_sigprocmask(SIG_SETMASK, [], [pid 979] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 978] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 978] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 978] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 979] <... futex resumed>) = 0 [pid 979] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 979] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 979] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 979] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 979] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 979] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[981]}, 88) = 981 [pid 979] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 979] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 979] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 980 attached [pid 980] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 980] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 980] memfd_create("syzkaller", 0) = 3 [pid 980] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 981 attached [pid 981] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 981] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 981] memfd_create("syzkaller", 0) = 3 [pid 981] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 57.604650][ T962] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 975] <... write resumed>) = 20699119 [pid 975] munmap(0x7f5376fec000, 138412032) = 0 [pid 975] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 57.646319][ T962] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 975] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 975] close(3) = 0 [pid 975] close(4) = 0 [pid 975] mkdir("./file0", 0777) = 0 [pid 975] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 962] <... mount resumed>) = 0 [pid 962] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 962] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./18/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./18") = 0 [pid 310] mkdir("./19", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 962] <... openat resumed>) = 4 [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD [pid 962] ioctl(4, LOOP_CLR_FD) = 0 [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 57.707415][ T962] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 57.714344][ T962] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 57.722760][ T962] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 57.732969][ T962] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 962] close(4 [pid 310] close(3) = 0 [pid 962] <... close resumed>) = 0 [pid 962] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 962] <... futex resumed>) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] fspick(AT_FDCWD, "./file0", 0 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 985 [pid 962] <... fspick resumed>) = 4 [pid 962] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0executing program [pid 980] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 985 attached [pid 985] set_robust_list(0x55555b716760, 24) = 0 [pid 985] chdir("./19") = 0 [pid 985] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 985] setpgid(0, 0) = 0 [pid 985] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 985] write(3, "1000", 4) = 4 [pid 985] close(3) = 0 [pid 985] symlink("/dev/binderfs", "./binderfs") = 0 [pid 985] write(1, "executing program\n", 18) = 18 [pid 985] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 985] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 985] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 985] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 985] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 985] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 985] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[987]}, 88) = 987 [pid 985] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 985] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 985] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 987 attached [pid 987] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 987] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 987] memfd_create("syzkaller", 0) = 3 [pid 987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 981] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 962] <... fsconfig resumed>) = 0 [pid 962] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 962] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 962] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 962] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] exit_group(0) = ? [pid 962] +++ exited with 0 +++ [pid 961] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=961, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [ 57.792116][ T975] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 311] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./19/binderfs") = 0 [ 57.836795][ T975] F2FS-fs (loop1): Found nat_bits in checkpoint [ 57.878798][ T975] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 57.886096][ T975] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 57.903653][ T975] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [pid 311] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 975] <... mount resumed>) = 0 [pid 975] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 975] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 975] ioctl(4, LOOP_CLR_FD) = 0 [pid 975] close(4) = 0 [pid 975] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 973] <... futex resumed>) = 0 [pid 975] fspick(AT_FDCWD, "./file0", 0 [pid 973] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 975] <... fspick resumed>) = 4 [pid 973] <... futex resumed>) = 0 [pid 975] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 973] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 975] <... futex resumed>) = 0 [pid 973] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 975] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 973] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 975] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 973] <... futex resumed>) = 0 [pid 973] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 975] <... fsconfig resumed>) = 0 [pid 975] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 973] <... futex resumed>) = 0 [pid 975] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 973] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 975] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 973] <... futex resumed>) = 0 [pid 975] openat(AT_FDCWD, "./file0", O_RDONLY [pid 973] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 975] <... openat resumed>) = 5 [pid 975] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 973] <... futex resumed>) = 0 [pid 975] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 973] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 975] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 973] <... futex resumed>) = 0 [pid 975] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 973] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 975] <... ioctl resumed>) = 0 [pid 975] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 973] <... futex resumed>) = 0 [pid 975] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 973] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 975] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 973] <... futex resumed>) = 0 [pid 975] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 973] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 975] <... prlimit64 resumed>NULL) = 0 [pid 975] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 973] <... futex resumed>) = 0 [pid 975] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 973] exit_group(0 [pid 975] <... futex resumed>) = ? [pid 973] <... exit_group resumed>) = ? [pid 975] +++ exited with 0 +++ [pid 973] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=973, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [ 57.924549][ T975] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 308] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./18/binderfs") = 0 [pid 308] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 981] <... write resumed>) = 20699119 [pid 981] munmap(0x7f5376fec000, 138412032) = 0 [pid 981] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 311] <... umount2 resumed>) = 0 [pid 987] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 311] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 980] <... write resumed>) = 20699119 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 980] munmap(0x7f5376fec000, 138412032 [pid 311] newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./19/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./19") = 0 [pid 311] mkdir("./20", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 980] <... munmap resumed>) = 0 [pid 980] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 981] <... openat resumed>) = 4 [pid 980] <... openat resumed>) = 4 [pid 311] <... openat resumed>) = 3 [pid 981] ioctl(4, LOOP_SET_FD, 3 [pid 980] ioctl(4, LOOP_SET_FD, 3 [pid 311] ioctl(3, LOOP_CLR_FD [pid 981] <... ioctl resumed>) = 0 [pid 981] close(3) = 0 [pid 981] close(4 [pid 980] <... ioctl resumed>) = 0 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 980] close(3 [pid 311] close(3 [pid 980] <... close resumed>) = 0 [pid 981] <... close resumed>) = 0 [pid 980] close(4 [pid 311] <... close resumed>) = 0 [pid 980] <... close resumed>) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 980] mkdir("./file0", 0777 [pid 981] mkdir("./file0", 0777) = 0 [pid 980] <... mkdir resumed>) = 0 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 995 [pid 980] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 981] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"..../strace-static-x86_64: Process 995 attached [pid 995] set_robust_list(0x55555b716760, 24) = 0 [pid 995] chdir("./20") = 0 [pid 995] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 995] setpgid(0, 0) = 0 [pid 995] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 995] write(3, "1000", 4) = 4 [pid 995] close(3) = 0 [pid 995] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 995] write(1, "executing program\n", 18) = 18 [pid 995] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 995] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 995] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 995] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 995] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 995] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 995] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[997]}, 88) = 997 [pid 995] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 995] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 995] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 997 attached [pid 997] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 997] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 997] memfd_create("syzkaller", 0) = 3 [pid 997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 987] <... write resumed>) = 20699119 [ 58.047375][ T980] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 58.049514][ T981] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 987] munmap(0x7f5376fec000, 138412032) = 0 [pid 987] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 987] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 987] close(3) = 0 [pid 987] close(4) = 0 [pid 987] mkdir("./file0", 0777) = 0 [ 58.106286][ T980] F2FS-fs (loop0): Found nat_bits in checkpoint [ 58.130124][ T981] F2FS-fs (loop2): Found nat_bits in checkpoint [ 58.143219][ T987] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 987] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 980] <... mount resumed>) = 0 [pid 980] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 980] ioctl(4, LOOP_CLR_FD) = 0 [pid 980] close(4) = 0 [pid 308] <... umount2 resumed>) = 0 [pid 980] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 980] <... futex resumed>) = 1 [pid 978] <... futex resumed>) = 0 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 58.151281][ T980] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 58.169658][ T980] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 58.176992][ T980] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 58.184322][ T980] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 58.199824][ T987] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 980] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 978] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] newfstatat(AT_FDCWD, "./18/file0", [pid 980] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 978] <... futex resumed>) = 0 [pid 980] fspick(AT_FDCWD, "./file0", 0 [pid 978] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 980] <... fspick resumed>) = 4 [pid 308] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 980] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 978] <... futex resumed>) = 0 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 980] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 978] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 980] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 978] <... futex resumed>) = 0 [pid 980] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 978] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... openat resumed>) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./18/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./18") = 0 [pid 308] mkdir("./19", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1006 ./strace-static-x86_64: Process 1006 attached [pid 1006] set_robust_list(0x55555b716760, 24) = 0 [pid 1006] chdir("./19") = 0 [pid 1006] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1006] setpgid(0, 0) = 0 [pid 1006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1006] write(3, "1000", 4) = 4 [pid 1006] close(3) = 0 [pid 1006] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1006] write(1, "executing program\n", 18executing program ) = 18 [pid 1006] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1006] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1006] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1006] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1006] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1006] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1006] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1008]}, 88) = 1008 [pid 1006] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1006] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1006] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 980] <... fsconfig resumed>) = 0 [pid 980] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 978] <... futex resumed>) = 0 [pid 980] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 978] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 980] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 978] <... futex resumed>) = 0 [pid 980] openat(AT_FDCWD, "./file0", O_RDONLY [pid 978] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 980] <... openat resumed>) = 5 [pid 980] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 1008 attached ) = 1 [pid 978] <... futex resumed>) = 0 [pid 1008] set_robust_list(0x7f537f40c9a0, 24 [pid 980] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 978] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1008] <... set_robust_list resumed>) = 0 [pid 980] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 978] <... futex resumed>) = 0 [pid 1008] rt_sigprocmask(SIG_SETMASK, [], [pid 980] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 978] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1008] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1008] memfd_create("syzkaller", 0) = 3 [pid 1008] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 980] <... ioctl resumed>) = 0 [pid 980] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 978] <... futex resumed>) = 0 [pid 980] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 978] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 980] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 978] <... futex resumed>) = 0 [pid 980] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 978] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 980] <... prlimit64 resumed>NULL) = 0 [pid 980] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 978] <... futex resumed>) = 0 [pid 980] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 978] exit_group(0 [pid 980] <... futex resumed>) = ? [pid 978] <... exit_group resumed>) = ? [pid 980] +++ exited with 0 +++ [ 58.232549][ T981] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 58.259406][ T981] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 58.266105][ T981] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [pid 978] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=978, si_uid=0, si_status=0, si_utime=4, si_stime=14} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./18/binderfs") = 0 [pid 307] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 997] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 981] <... mount resumed>) = 0 [pid 987] <... mount resumed>) = 0 [pid 981] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 987] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 981] <... openat resumed>) = 3 [pid 987] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 981] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 987] <... openat resumed>) = 4 [pid 987] ioctl(4, LOOP_CLR_FD) = 0 [pid 987] close(4) = 0 [pid 981] <... openat resumed>) = 4 [pid 987] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 985] <... futex resumed>) = 0 [pid 981] ioctl(4, LOOP_CLR_FD [pid 987] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 985] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 987] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 985] <... futex resumed>) = 0 [pid 987] fspick(AT_FDCWD, "./file0", 0 [pid 985] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 987] <... fspick resumed>) = 4 [pid 981] <... ioctl resumed>) = 0 [pid 987] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 985] <... futex resumed>) = 0 [pid 981] close(4 [pid 987] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 985] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 987] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 985] <... futex resumed>) = 0 [pid 987] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 985] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 981] <... close resumed>) = 0 [pid 981] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 979] <... futex resumed>) = 0 [pid 981] fspick(AT_FDCWD, "./file0", 0 [pid 979] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 981] <... fspick resumed>) = 4 [pid 979] <... futex resumed>) = 0 [pid 981] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 979] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 981] <... futex resumed>) = 0 [pid 979] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 981] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 979] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 58.275733][ T981] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 58.299097][ T987] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 58.305998][ T987] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 58.312593][ T987] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 58.319733][ T987] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 979] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 981] <... fsconfig resumed>) = 0 [pid 981] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 979] <... futex resumed>) = 0 [pid 979] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 979] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 981] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 981] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 979] <... futex resumed>) = 0 [pid 981] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 979] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 981] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 979] <... futex resumed>) = 0 [pid 981] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 979] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 981] <... ioctl resumed>) = 0 [pid 981] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 979] <... futex resumed>) = 0 [pid 981] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 979] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 981] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 979] <... futex resumed>) = 0 [pid 981] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 979] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 981] <... prlimit64 resumed>NULL) = 0 [pid 981] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 979] <... futex resumed>) = 0 [pid 981] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 979] exit_group(0 [pid 981] <... futex resumed>) = ? [pid 979] <... exit_group resumed>) = ? [pid 981] +++ exited with 0 +++ [pid 979] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=979, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, [pid 1008] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 309] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./17/binderfs") = 0 [pid 309] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 987] <... fsconfig resumed>) = 0 [pid 987] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 985] <... futex resumed>) = 0 [pid 987] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 985] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 987] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 985] <... futex resumed>) = 0 [pid 987] openat(AT_FDCWD, "./file0", O_RDONLY [pid 985] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 987] <... openat resumed>) = 5 [pid 987] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 985] <... futex resumed>) = 0 [pid 987] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 985] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 987] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 985] <... futex resumed>) = 0 [pid 985] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 987] <... ioctl resumed>) = 0 [pid 987] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 985] <... futex resumed>) = 0 [pid 987] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 985] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 987] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 985] <... futex resumed>) = 0 [pid 987] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 985] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 987] <... prlimit64 resumed>NULL) = 0 [pid 987] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 985] <... futex resumed>) = 0 [pid 987] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 985] exit_group(0 [pid 987] <... futex resumed>) = ? [pid 985] <... exit_group resumed>) = ? [pid 987] +++ exited with 0 +++ [pid 985] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=985, si_uid=0, si_status=0, si_utime=10, si_stime=18} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./19/binderfs") = 0 [pid 310] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 997] <... write resumed>) = 20699119 [pid 997] munmap(0x7f5376fec000, 138412032) = 0 [pid 997] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./18/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./18") = 0 [pid 307] mkdir("./19", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 997] <... openat resumed>) = 4 [pid 307] <... openat resumed>) = 3 [pid 997] ioctl(4, LOOP_SET_FD, 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3 [pid 1008] <... write resumed>) = 20699119 [pid 1008] munmap(0x7f5376fec000, 138412032 [pid 997] <... ioctl resumed>) = 0 [pid 307] <... close resumed>) = 0 [pid 997] close(3 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 997] <... close resumed>) = 0 [pid 997] close(4 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 1014 [pid 1008] <... munmap resumed>) = 0 [pid 1008] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 1014 attached [pid 1014] set_robust_list(0x55555b716760, 24) = 0 [pid 1014] chdir("./19") = 0 [pid 1014] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1014] setpgid(0, 0) = 0 [pid 1014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1014] write(3, "1000", 4) = 4 [pid 1014] close(3) = 0 [pid 1014] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1014] write(1, "executing program\n", 18executing program ) = 18 [pid 1014] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1014] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1014] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1014] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1014] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1014] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1014] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1015]}, 88) = 1015 [pid 1014] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1014] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1014] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1015 attached [pid 1015] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1015] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1015] memfd_create("syzkaller", 0) = 3 [pid 1015] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./17/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./17") = 0 [pid 309] mkdir("./18", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 1008] <... openat resumed>) = 4 [pid 997] <... close resumed>) = 0 [pid 1008] ioctl(4, LOOP_SET_FD, 3 [pid 997] mkdir("./file0", 0777 [pid 309] <... openat resumed>) = 3 [pid 997] <... mkdir resumed>) = 0 [pid 309] ioctl(3, LOOP_CLR_FD [pid 997] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./19/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./19" [pid 1008] <... ioctl resumed>) = 0 [pid 309] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 1008] close(3 [pid 309] close(3 [pid 1008] <... close resumed>) = 0 [pid 309] <... close resumed>) = 0 [pid 1008] close(4 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1017 ./strace-static-x86_64: Process 1017 attached [pid 1017] set_robust_list(0x55555b716760, 24) = 0 [pid 1017] chdir("./18") = 0 [pid 1017] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1017] setpgid(0, 0) = 0 [pid 1017] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1017] write(3, "1000", 4) = 4 [pid 1017] close(3) = 0 [pid 1017] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1017] write(1, "executing program\n", 18) = 18 [pid 1017] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1017] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1017] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1017] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1017] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1017] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1017] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1018]}, 88) = 1018 [pid 1017] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1017] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1017] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 310] <... rmdir resumed>) = 0 [pid 310] mkdir("./20", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 1018 attached [pid 1018] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1018] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1018] memfd_create("syzkaller", 0) = 3 [pid 1018] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 1015] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1008] <... close resumed>) = 0 [pid 1008] mkdir("./file0", 0777) = 0 [ 58.582240][ T997] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 1008] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1021 [ 58.634071][ T997] F2FS-fs (loop4): Found nat_bits in checkpoint ./strace-static-x86_64: Process 1021 attached [pid 1021] set_robust_list(0x55555b716760, 24) = 0 [pid 1021] chdir("./20") = 0 [pid 1021] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1021] setpgid(0, 0) = 0 [pid 1021] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1021] write(3, "1000", 4) = 4 [pid 1021] close(3) = 0 [pid 1021] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1021] write(1, "executing program\n", 18) = 18 [pid 1021] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1021] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1021] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1021] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1015] <... write resumed>) = 20699119 [pid 1021] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1021] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1021] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 1015] munmap(0x7f5376fec000, 138412032 [pid 1021] <... clone3 resumed> => {parent_tid=[1022]}, 88) = 1022 [pid 1021] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1021] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1021] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1015] <... munmap resumed>) = 0 [pid 1015] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1015] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 1022 attached [pid 1022] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1022] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1022] memfd_create("syzkaller", 0) = 3 [pid 1022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 1015] <... ioctl resumed>) = 0 [pid 1015] close(3) = 0 [ 58.678340][ T1008] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 1015] close(4) = 0 [pid 1015] mkdir("./file0", 0777) = 0 [ 58.727058][ T997] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 58.734105][ T997] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 58.741844][ T1008] F2FS-fs (loop1): Found nat_bits in checkpoint [ 58.758834][ T997] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [pid 1015] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1018] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1022] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 997] <... mount resumed>) = 0 [pid 997] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 997] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 997] ioctl(4, LOOP_CLR_FD) = 0 [pid 997] close(4) = 0 [pid 997] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 995] <... futex resumed>) = 0 [pid 997] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 995] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 997] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 995] <... futex resumed>) = 0 [pid 997] fspick(AT_FDCWD, "./file0", 0 [pid 995] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 997] <... fspick resumed>) = 4 [pid 997] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 995] <... futex resumed>) = 0 [pid 997] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 995] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 997] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 995] <... futex resumed>) = 0 [pid 997] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 58.777223][ T1015] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 58.809981][ T997] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 995] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 997] <... fsconfig resumed>) = 0 [pid 997] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 995] <... futex resumed>) = 0 [pid 997] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 995] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 997] openat(AT_FDCWD, "./file0", O_RDONLY [pid 995] <... futex resumed>) = 0 [pid 997] <... openat resumed>) = 5 [pid 995] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 997] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 995] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 997] <... futex resumed>) = 0 [pid 995] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 997] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 995] <... futex resumed>) = 0 [pid 995] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 997] <... ioctl resumed>) = 0 [pid 997] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 995] <... futex resumed>) = 0 [pid 997] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 995] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 997] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 995] <... futex resumed>) = 0 [pid 997] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 995] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 997] <... prlimit64 resumed>NULL) = 0 [pid 997] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 995] <... futex resumed>) = 0 [pid 997] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 995] exit_group(0 [pid 997] <... futex resumed>) = ? [pid 995] <... exit_group resumed>) = ? [pid 997] +++ exited with 0 +++ [pid 995] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=995, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./20/binderfs") = 0 [pid 311] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1022] <... write resumed>) = 20699119 [pid 1022] munmap(0x7f5376fec000, 138412032) = 0 [ 58.862045][ T1015] F2FS-fs (loop0): Found nat_bits in checkpoint [ 58.870798][ T1008] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 58.892350][ T1008] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [pid 1022] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1022] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1022] close(3) = 0 [pid 1022] close(4 [pid 1018] <... write resumed>) = 20699119 [pid 1018] munmap(0x7f5376fec000, 138412032) = 0 [pid 1018] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 1008] <... mount resumed>) = 0 [pid 1008] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 58.929377][ T1008] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 58.940075][ T1008] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 1008] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1022] <... close resumed>) = 0 [pid 1022] mkdir("./file0", 0777) = 0 [pid 1022] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1018] <... openat resumed>) = 4 [pid 1008] <... openat resumed>) = 4 [pid 1018] ioctl(4, LOOP_SET_FD, 3 [pid 1008] ioctl(4, LOOP_CLR_FD) = 0 [pid 1008] close(4 [pid 1018] <... ioctl resumed>) = 0 [pid 1008] <... close resumed>) = 0 [pid 1018] close(3 [pid 1008] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1018] <... close resumed>) = 0 [pid 1008] <... futex resumed>) = 1 [pid 1018] close(4 [pid 1008] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1018] <... close resumed>) = 0 [pid 1018] mkdir("./file0", 0777) = 0 [pid 1018] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1015] <... mount resumed>) = 0 [pid 1006] <... futex resumed>) = 0 [pid 1015] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 1006] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1008] <... futex resumed>) = 0 [pid 1006] <... futex resumed>) = 1 [pid 1008] fspick(AT_FDCWD, "./file0", 0 [pid 1006] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1008] <... fspick resumed>) = 4 [pid 1008] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1008] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1015] <... openat resumed>) = 3 [pid 1006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 58.971290][ T1015] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 58.978230][ T1015] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 58.984725][ T1015] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 58.994910][ T1022] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 59.004594][ T1015] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 1015] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 1006] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1015] <... openat resumed>) = 4 [pid 1008] <... futex resumed>) = 0 [pid 1006] <... futex resumed>) = 1 [pid 1008] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1015] ioctl(4, LOOP_CLR_FD [pid 1006] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1015] <... ioctl resumed>) = 0 [pid 1015] close(4) = 0 [pid 311] <... umount2 resumed>) = 0 [pid 1015] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1015] <... futex resumed>) = 1 [pid 1014] <... futex resumed>) = 0 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1015] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1014] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 311] newfstatat(AT_FDCWD, "./20/file0", [pid 1014] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1015] fspick(AT_FDCWD, "./file0", 0 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1015] <... fspick resumed>) = 4 [pid 311] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1015] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1015] <... futex resumed>) = 1 [pid 1014] <... futex resumed>) = 0 [pid 1014] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1015] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1014] <... futex resumed>) = 0 [pid 311] <... openat resumed>) = 4 [pid 1014] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, [pid 1008] <... fsconfig resumed>) = 0 [pid 1008] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1008] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 1006] <... futex resumed>) = 0 [pid 1006] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] getdents64(4, [pid 1008] <... futex resumed>) = 0 [pid 1006] <... futex resumed>) = 1 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 1008] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1006] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] close(4 [pid 1008] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1008] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] <... close resumed>) = 0 [pid 1006] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1008] <... futex resumed>) = 0 [pid 1006] <... futex resumed>) = 1 [pid 311] rmdir("./20/file0" [pid 1008] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1006] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... rmdir resumed>) = 0 [pid 311] getdents64(3, [pid 1008] <... ioctl resumed>) = 0 [pid 1008] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1008] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1006] <... futex resumed>) = 0 [pid 311] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 1006] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1008] <... futex resumed>) = 0 [pid 1006] <... futex resumed>) = 1 [pid 311] close(3 [pid 1008] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1006] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1008] <... prlimit64 resumed>NULL) = 0 [pid 1008] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... close resumed>) = 0 [pid 1008] <... futex resumed>) = 1 [pid 1008] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1006] <... futex resumed>) = 0 [pid 311] rmdir("./20" [pid 1006] exit_group(0 [pid 311] <... rmdir resumed>) = 0 [pid 1008] <... futex resumed>) = ? [pid 1006] <... exit_group resumed>) = ? [pid 1008] +++ exited with 0 +++ [pid 1006] +++ exited with 0 +++ [pid 311] mkdir("./21", 0777 [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1006, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 308] restart_syscall(<... resuming interrupted clone ...> [pid 311] <... mkdir resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 311] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 311] close(3) = 0 [pid 308] <... restart_syscall resumed>) = 0 [pid 308] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./19/binderfs") = 0 [ 59.017546][ T1018] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 59.034585][ T1022] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 308] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1015] <... fsconfig resumed>) = 0 [pid 1015] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 1040 [pid 1015] <... futex resumed>) = 1 [pid 1014] <... futex resumed>) = 0 ./strace-static-x86_64: Process 1040 attached [pid 1015] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1014] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1040] set_robust_list(0x55555b716760, 24) = 0 [pid 1040] chdir("./21") = 0 [pid 1040] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1040] setpgid(0, 0) = 0 [pid 1040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1040] write(3, "1000", 4) = 4 [pid 1040] close(3 [pid 1014] <... futex resumed>) = 0 [pid 1040] <... close resumed>) = 0 [pid 1040] symlink("/dev/binderfs", "./binderfs" [pid 1015] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1014] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1040] <... symlink resumed>) = 0 [pid 1040] write(1, "executing program\n", 18executing program [pid 1015] <... openat resumed>) = 5 [pid 1040] <... write resumed>) = 18 [pid 1040] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1040] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1040] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1040] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1040] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1040] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1040] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 1015] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1040] <... clone3 resumed> => {parent_tid=[1041]}, 88) = 1041 [pid 1015] <... futex resumed>) = 1 [pid 1014] <... futex resumed>) = 0 [pid 1015] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1014] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1014] <... futex resumed>) = 0 [pid 1015] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1014] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1040] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1040] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1040] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1015] <... ioctl resumed>) = 0 [pid 1015] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1014] <... futex resumed>) = 0 [pid 1015] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1014] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1014] <... futex resumed>) = 0 [pid 1015] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1014] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1015] <... prlimit64 resumed>NULL) = 0 [pid 1015] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1014] <... futex resumed>) = 0 [pid 1015] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1014] exit_group(0 [pid 1015] <... futex resumed>) = ? [pid 1014] <... exit_group resumed>) = ? [pid 1015] +++ exited with 0 +++ [pid 1014] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1014, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 1041 attached [pid 1041] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1041] rt_sigprocmask(SIG_SETMASK, [], [pid 307] <... restart_syscall resumed>) = 0 [pid 1041] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 307] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1041] memfd_create("syzkaller", 0 [pid 307] <... openat resumed>) = 3 [pid 307] newfstatat(3, "", [pid 1041] <... memfd_create resumed>) = 3 [pid 307] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 1041] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./19/binderfs") = 0 [ 59.067401][ T1018] F2FS-fs (loop2): Found nat_bits in checkpoint [ 59.120833][ T1018] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 59.127394][ T1018] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [pid 307] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 59.166780][ T1018] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 59.186776][ T1022] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 59.209676][ T1022] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [pid 1041] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1018] <... mount resumed>) = 0 [pid 1018] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1018] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1018] ioctl(4, LOOP_CLR_FD) = 0 [pid 1018] close(4 [pid 1041] <... write resumed>) = 20699119 [pid 308] <... umount2 resumed>) = 0 [pid 1041] munmap(0x7f5376fec000, 138412032 [pid 1018] <... close resumed>) = 0 [pid 308] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1018] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1017] <... futex resumed>) = 0 [pid 1017] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1017] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1018] <... futex resumed>) = 1 [pid 1018] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1018] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1017] <... futex resumed>) = 0 [pid 1017] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1017] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1018] <... futex resumed>) = 1 [pid 1018] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1041] <... munmap resumed>) = 0 [ 59.216510][ T1018] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 59.247457][ T1022] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [pid 1041] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1041] <... openat resumed>) = 4 [pid 308] newfstatat(AT_FDCWD, "./19/file0", [pid 1022] <... mount resumed>) = 0 [pid 1022] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1022] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1022] ioctl(4, LOOP_CLR_FD) = 0 [pid 1022] close(4 [pid 1041] ioctl(4, LOOP_SET_FD, 3 [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1022] <... close resumed>) = 0 [pid 1022] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1021] <... futex resumed>) = 0 [pid 1021] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 308] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1021] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1022] <... futex resumed>) = 1 [pid 1022] fspick(AT_FDCWD, "./file0", 0 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1022] <... fspick resumed>) = 4 [pid 1022] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1021] <... futex resumed>) = 0 [pid 1021] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1021] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1022] <... futex resumed>) = 1 [pid 1022] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1018] <... fsconfig resumed>) = 0 [pid 1018] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1017] <... futex resumed>) = 0 [pid 1018] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1017] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1018] <... openat resumed>) = 5 [pid 1017] <... futex resumed>) = 0 [pid 1018] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1017] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1018] <... futex resumed>) = 0 [pid 1017] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1018] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1017] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1017] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1018] <... ioctl resumed>) = 0 [pid 308] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1018] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1017] <... futex resumed>) = 0 [pid 1018] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1017] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1018] <... prlimit64 resumed>NULL) = 0 [pid 1017] <... futex resumed>) = 0 [pid 1018] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1017] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1018] <... futex resumed>) = 0 [pid 1017] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1018] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1017] exit_group(0 [pid 1018] <... futex resumed>) = ? [pid 1017] <... exit_group resumed>) = ? [pid 1041] <... ioctl resumed>) = 0 [pid 1018] +++ exited with 0 +++ [pid 1017] +++ exited with 0 +++ [pid 308] <... openat resumed>) = 4 [pid 1041] close(3 [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1017, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 308] newfstatat(4, "", [pid 1041] <... close resumed>) = 0 [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, [pid 1041] close(4) = 0 [pid 308] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 1041] mkdir("./file0", 0777) = 0 [pid 308] getdents64(4, [pid 1041] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 308] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 1022] <... fsconfig resumed>) = 0 [pid 1022] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1021] <... futex resumed>) = 0 [pid 1021] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1021] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1022] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1022] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1021] <... futex resumed>) = 0 [pid 1021] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1021] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1022] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 308] rmdir("./19/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3 [pid 309] <... restart_syscall resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 308] rmdir("./19") = 0 [pid 309] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] mkdir("./20", 0777 [pid 309] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] <... mkdir resumed>) = 0 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] <... openat resumed>) = 3 [pid 309] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] ioctl(3, LOOP_CLR_FD [pid 309] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 309] unlink("./18/binderfs" [pid 308] close(3 [pid 309] <... unlink resumed>) = 0 [pid 309] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... close resumed>) = 0 [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./19/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./19") = 0 [pid 307] mkdir("./20", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 307] <... close resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1049 ./strace-static-x86_64: Process 1048 attached [pid 1048] set_robust_list(0x55555b716760, 24) = 0 [pid 308] <... clone resumed>, child_tidptr=0x55555b716750) = 1048 [pid 1048] chdir("./20") = 0 [pid 1048] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1048] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 1049 attached [pid 1049] set_robust_list(0x55555b716760, 24) = 0 [pid 1049] chdir("./20" [pid 1048] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1022] <... ioctl resumed>) = 0 [pid 1022] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1021] <... futex resumed>) = 0 [pid 1022] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1021] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1022] <... prlimit64 resumed>NULL) = 0 [pid 1021] <... futex resumed>) = 0 [pid 1022] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1021] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1022] <... futex resumed>) = 0 [pid 1021] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1022] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1021] exit_group(0 [pid 1022] <... futex resumed>) = ? [pid 1021] <... exit_group resumed>) = ? [pid 1049] <... chdir resumed>) = 0 [pid 1048] <... openat resumed>) = 3 [pid 1022] +++ exited with 0 +++ [pid 1021] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1021, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 1049] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1048] write(3, "1000", 4 [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 1049] <... prctl resumed>) = 0 [pid 1048] <... write resumed>) = 4 [pid 310] <... restart_syscall resumed>) = 0 [pid 1049] setpgid(0, 0) = 0 [pid 1049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1049] write(3, "1000", 4) = 4 [pid 1049] close(3 [pid 1048] close(3 [pid 1049] <... close resumed>) = 0 [pid 1049] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 1049] write(1, "executing program\n", 18) = 18 [pid 1048] <... close resumed>) = 0 [pid 310] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1048] symlink("/dev/binderfs", "./binderfs" [pid 1049] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1049] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1049] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1049] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1049] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1049] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1049] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1052]}, 88) = 1052 [pid 1049] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1049] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1049] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1052 attached [pid 1052] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1052] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1052] memfd_create("syzkaller", 0) = 3 [pid 1052] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1048] <... symlink resumed>) = 0 [pid 310] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 1048] write(1, "executing program\n", 18 [pid 310] newfstatat(3, "", executing program {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 1048] <... write resumed>) = 18 [pid 310] getdents64(3, [pid 1048] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 1048] <... futex resumed>) = 0 [pid 310] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1048] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1048] <... rt_sigaction resumed>NULL, 8) = 0 [pid 310] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1048] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 310] unlink("./20/binderfs" [pid 1048] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 310] <... unlink resumed>) = 0 [pid 1048] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 310] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1048] <... mmap resumed>) = 0x7f537f3ec000 [pid 1048] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1048] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1048] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1053]}, 88) = 1053 [pid 1048] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1048] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 59.271337][ T1022] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 59.303552][ T1041] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 1048] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1053 attached [pid 1053] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1053] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1053] memfd_create("syzkaller", 0) = 3 [pid 1053] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 59.343415][ T1041] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./18/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./18") = 0 [pid 309] mkdir("./19", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1054 ./strace-static-x86_64: Process 1054 attached [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1054] set_robust_list(0x55555b716760, 24) = 0 [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1054] chdir("./19" [pid 310] newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1054] <... chdir resumed>) = 0 [pid 1054] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1054] <... prctl resumed>) = 0 [pid 1054] setpgid(0, 0 [pid 310] <... openat resumed>) = 4 [pid 1054] <... setpgid resumed>) = 0 [pid 1054] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, [pid 1054] <... openat resumed>) = 3 [pid 310] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 1054] write(3, "1000", 4 [pid 310] close(4 [pid 1054] <... write resumed>) = 4 [pid 310] <... close resumed>) = 0 [pid 1054] close(3) = 0 [pid 310] rmdir("./20/file0") = 0 [pid 1054] symlink("/dev/binderfs", "./binderfs") = 0 [pid 310] getdents64(3, [pid 1054] write(1, "executing program\n", 18 [pid 310] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 executing program [pid 1054] <... write resumed>) = 18 [pid 310] close(3) = 0 [pid 1054] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] rmdir("./20") = 0 [pid 1054] <... futex resumed>) = 0 [pid 1054] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 310] mkdir("./21", 0777 [pid 1054] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1054] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 310] <... mkdir resumed>) = 0 [pid 1054] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1054] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 1054] <... mmap resumed>) = 0x7f537f3ec000 [pid 310] <... openat resumed>) = 3 [pid 1054] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 310] ioctl(3, LOOP_CLR_FD [pid 1054] rt_sigprocmask(SIG_BLOCK, ~[], [pid 310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 1054] <... rt_sigprocmask resumed>[], 8) = 0 [pid 310] close(3 [pid 1054] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1055]}, 88) = 1055 [pid 310] <... close resumed>) = 0 [pid 1054] rt_sigprocmask(SIG_SETMASK, [], [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1054] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1054] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 1056 [pid 1054] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1052] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 1056 attached [pid 1056] set_robust_list(0x55555b716760, 24) = 0 [pid 1056] chdir("./21") = 0 ./strace-static-x86_64: Process 1055 attached [pid 1055] set_robust_list(0x7f537f40c9a0, 24 [pid 1056] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1055] <... set_robust_list resumed>) = 0 [pid 1055] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1056] <... prctl resumed>) = 0 [pid 1055] memfd_create("syzkaller", 0 [pid 1056] setpgid(0, 0) = 0 [pid 1056] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1055] <... memfd_create resumed>) = 3 [pid 1055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 1056] write(3, "1000", 4) = 4 [pid 1056] close(3) = 0 [pid 1056] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1056] write(1, "executing program\n", 18executing program ) = 18 [pid 1056] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1056] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1056] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1056] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1056] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1056] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1056] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1057]}, 88) = 1057 [pid 1056] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1056] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 59.469570][ T1041] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 59.479377][ T1041] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 59.494411][ T1041] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [pid 1056] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1057 attached [pid 1057] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1057] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1057] memfd_create("syzkaller", 0) = 3 [pid 1057] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 1041] <... mount resumed>) = 0 [pid 1041] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1041] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1041] ioctl(4, LOOP_CLR_FD) = 0 [pid 1041] close(4) = 0 [pid 1041] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1040] <... futex resumed>) = 0 [pid 1040] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1040] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1053] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1041] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1041] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1040] <... futex resumed>) = 0 [pid 1040] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1040] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1041] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 1041] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1040] <... futex resumed>) = 0 [pid 1040] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1040] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1041] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1041] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1040] <... futex resumed>) = 0 [pid 1040] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1040] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1041] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 1041] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1040] <... futex resumed>) = 0 [pid 1040] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1040] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1041] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 1041] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1040] <... futex resumed>) = 0 [pid 1040] exit_group(0 [pid 1041] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 1040] <... exit_group resumed>) = ? [pid 1041] +++ exited with 0 +++ [pid 1040] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1040, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [ 59.525748][ T1041] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./21/binderfs") = 0 [pid 311] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1052] <... write resumed>) = 20699119 [pid 1052] munmap(0x7f5376fec000, 138412032) = 0 [pid 1052] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1052] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1052] close(3) = 0 [pid 1052] close(4) = 0 [pid 1052] mkdir("./file0", 0777) = 0 [pid 1052] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1057] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 59.675603][ T1052] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 59.710497][ T1052] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 1055] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1057] <... write resumed>) = 20699119 [pid 1057] munmap(0x7f5376fec000, 138412032) = 0 [pid 1057] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1057] ioctl(4, LOOP_SET_FD, 3 [pid 1053] <... write resumed>) = 20699119 [pid 1053] munmap(0x7f5376fec000, 138412032) = 0 [pid 311] <... umount2 resumed>) = 0 [pid 1053] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 311] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 1057] <... ioctl resumed>) = 0 [pid 1057] close(3 [pid 1053] <... openat resumed>) = 4 [pid 311] getdents64(4, [pid 1057] <... close resumed>) = 0 [pid 1057] close(4) = 0 [pid 1057] mkdir("./file0", 0777) = 0 [pid 1053] ioctl(4, LOOP_SET_FD, 3 [pid 311] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 1057] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./21/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./21") = 0 [pid 311] mkdir("./22", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 1053] <... ioctl resumed>) = 0 [pid 1053] close(3 [pid 311] <... openat resumed>) = 3 [pid 1053] <... close resumed>) = 0 [pid 311] ioctl(3, LOOP_CLR_FD [pid 1053] close(4 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 1053] <... close resumed>) = 0 [pid 311] close(3 [pid 1053] mkdir("./file0", 0777 [pid 311] <... close resumed>) = 0 [pid 1053] <... mkdir resumed>) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1053] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 1065 executing program ./strace-static-x86_64: Process 1065 attached [pid 1065] set_robust_list(0x55555b716760, 24) = 0 [pid 1065] chdir("./22") = 0 [pid 1065] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1065] setpgid(0, 0) = 0 [pid 1065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1065] write(3, "1000", 4) = 4 [pid 1065] close(3) = 0 [pid 1065] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1065] write(1, "executing program\n", 18) = 18 [pid 1065] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1065] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1065] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1065] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1065] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1065] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1065] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1066]}, 88) = 1066 [pid 1065] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1065] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1065] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1066 attached [pid 1066] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1066] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1066] memfd_create("syzkaller", 0) = 3 [pid 1066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 59.814416][ T1057] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 59.823024][ T1052] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 59.836348][ T1053] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 59.845256][ T1052] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 59.853500][ T1052] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [pid 1052] <... mount resumed>) = 0 [pid 1052] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1052] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1052] ioctl(4, LOOP_CLR_FD) = 0 [pid 1052] close(4) = 0 [pid 1052] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1049] <... futex resumed>) = 0 [pid 1049] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1052] fspick(AT_FDCWD, "./file0", 0 [pid 1049] <... futex resumed>) = 0 [pid 1049] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1052] <... fspick resumed>) = 4 [pid 1052] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1049] <... futex resumed>) = 0 [pid 1049] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1049] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 59.860989][ T1052] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 1052] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 1052] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1049] <... futex resumed>) = 0 [pid 1049] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1049] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1052] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1052] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1049] <... futex resumed>) = 0 [pid 1049] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1049] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1052] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 1052] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1049] <... futex resumed>) = 0 [pid 1049] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1049] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1052] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 1052] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1049] <... futex resumed>) = 0 [pid 1049] exit_group(0) = ? [pid 1052] +++ exited with 0 +++ [pid 1049] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1049, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 307] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 307] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./20/binderfs") = 0 [ 59.890086][ T1057] F2FS-fs (loop3): Found nat_bits in checkpoint [ 59.899034][ T1053] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 307] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1055] <... write resumed>) = 20699119 [pid 1055] munmap(0x7f5376fec000, 138412032) = 0 [pid 1055] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1055] ioctl(4, LOOP_SET_FD, 3 [pid 1053] <... mount resumed>) = 0 [pid 1053] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1053] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1055] <... ioctl resumed>) = 0 [pid 1055] close(3) = 0 [pid 1055] close(4) = 0 [pid 1055] mkdir("./file0", 0777) = 0 [pid 1055] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1053] <... openat resumed>) = 4 [pid 1053] ioctl(4, LOOP_CLR_FD) = 0 [pid 1053] close(4) = 0 [pid 1053] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1048] <... futex resumed>) = 0 [pid 1048] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1053] fspick(AT_FDCWD, "./file0", 0 [pid 1048] <... futex resumed>) = 0 [pid 1053] <... fspick resumed>) = 4 [ 59.962409][ T1053] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 59.969325][ T1053] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 59.977833][ T1053] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 59.985130][ T1053] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 60.001800][ T1057] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [pid 1048] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1053] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1048] <... futex resumed>) = 0 [pid 1048] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1053] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1048] <... futex resumed>) = 0 [pid 1048] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1053] <... fsconfig resumed>) = 0 [pid 1053] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1048] <... futex resumed>) = 0 [pid 1053] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1048] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1053] <... openat resumed>) = 5 [pid 1048] <... futex resumed>) = 0 [pid 1053] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1053] <... futex resumed>) = 0 [pid 1048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1053] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1048] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1048] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1053] <... ioctl resumed>) = 0 [pid 1053] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1048] <... futex resumed>) = 0 [pid 1053] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1048] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1053] <... prlimit64 resumed>NULL) = 0 [pid 1048] <... futex resumed>) = 0 [pid 1053] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1053] <... futex resumed>) = 0 [pid 1048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1053] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1048] exit_group(0 [pid 1053] <... futex resumed>) = ? [pid 1048] <... exit_group resumed>) = ? [pid 1053] +++ exited with 0 +++ [pid 1048] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1048, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./20/binderfs") = 0 [ 60.020636][ T1055] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 60.036762][ T1057] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 60.043573][ T24] audit: type=1400 audit(1743587981.480:73): avc: denied { remove_name } for pid=77 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 60.069048][ T24] audit: type=1400 audit(1743587981.480:74): avc: denied { rename } for pid=77 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 60.069743][ T1057] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 60.112662][ T1055] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 308] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1057] <... mount resumed>) = 0 [pid 307] <... umount2 resumed>) = 0 [pid 1057] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 307] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 1057] <... openat resumed>) = 3 [pid 1057] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./20/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./20") = 0 [pid 307] mkdir("./21", 0777) = 0 [pid 1057] <... openat resumed>) = 4 [pid 1057] ioctl(4, LOOP_CLR_FD [pid 1055] <... mount resumed>) = 0 [pid 1057] <... ioctl resumed>) = 0 [pid 1057] close(4 [pid 1055] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 1057] <... close resumed>) = 0 [pid 1057] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... openat resumed>) = 3 [pid 1057] <... futex resumed>) = 1 [pid 1056] <... futex resumed>) = 0 [pid 1055] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 1057] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1056] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1055] <... openat resumed>) = 4 [pid 1057] fspick(AT_FDCWD, "./file0", 0 [pid 1056] <... futex resumed>) = 0 [pid 1055] ioctl(4, LOOP_CLR_FD [pid 1057] <... fspick resumed>) = 4 [pid 1056] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1055] <... ioctl resumed>) = 0 [pid 1057] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1056] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1055] close(4 [pid 1057] <... futex resumed>) = 0 [pid 1056] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1057] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1056] <... futex resumed>) = 0 [pid 1055] <... close resumed>) = 0 [pid 1056] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1055] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1054] <... futex resumed>) = 0 [pid 1055] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1054] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... futex resumed>) = 0 [pid 1054] <... futex resumed>) = 1 [pid 1055] fspick(AT_FDCWD, "./file0", 0 [pid 1054] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1055] <... fspick resumed>) = 4 [pid 1055] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1054] <... futex resumed>) = 0 [pid 1055] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1054] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1054] <... futex resumed>) = 0 [pid 1055] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1054] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 307] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 307] close(3) = 0 [pid 1057] <... fsconfig resumed>) = 0 [pid 1057] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1056] <... futex resumed>) = 0 [pid 1057] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1056] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1056] <... futex resumed>) = 0 [pid 1057] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1056] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1057] <... openat resumed>) = 5 [pid 1057] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1056] <... futex resumed>) = 0 [pid 1057] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1056] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1056] <... futex resumed>) = 0 [pid 1057] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1056] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1057] <... ioctl resumed>) = 0 [pid 1057] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1056] <... futex resumed>) = 0 [pid 1057] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1056] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1056] <... futex resumed>) = 0 [pid 1057] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1056] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1057] <... prlimit64 resumed>NULL) = 0 [pid 1057] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1056] <... futex resumed>) = 0 [pid 1057] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1056] exit_group(0 [pid 1057] <... futex resumed>) = ? [pid 1056] <... exit_group resumed>) = ? [pid 1057] +++ exited with 0 +++ [pid 1056] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1056, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 310] restart_syscall(<... resuming interrupted clone ...> [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 1082 [pid 310] <... restart_syscall resumed>) = 0 [pid 310] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./21/binderfs") = 0 [pid 310] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 1082 attached [pid 1082] set_robust_list(0x55555b716760, 24 [pid 1055] <... fsconfig resumed>) = 0 [pid 308] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1082] <... set_robust_list resumed>) = 0 [pid 1055] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] chdir("./21" [pid 1055] <... futex resumed>) = 1 [pid 1054] <... futex resumed>) = 0 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1082] <... chdir resumed>) = 0 [pid 1055] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1054] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] newfstatat(AT_FDCWD, "./20/file0", [pid 1082] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1055] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1054] <... futex resumed>) = 0 [pid 1082] <... prctl resumed>) = 0 [pid 1055] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1054] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1082] setpgid(0, 0 [pid 1055] <... openat resumed>) = 5 [pid 308] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1082] <... setpgid resumed>) = 0 [pid 1055] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1055] <... futex resumed>) = 1 [pid 1054] <... futex resumed>) = 0 [ 60.162727][ T1055] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 60.170459][ T1057] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 60.179060][ T1055] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 60.185859][ T1055] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 60.193538][ T1055] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 308] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1082] <... openat resumed>) = 3 [pid 1055] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1054] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1082] write(3, "1000", 4 [pid 1055] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1054] <... futex resumed>) = 0 [pid 1082] <... write resumed>) = 4 [pid 1055] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1054] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... openat resumed>) = 4 [pid 1082] close(3 [pid 308] newfstatat(4, "", [pid 1082] <... close resumed>) = 0 [pid 1082] symlink("/dev/binderfs", "./binderfs" [pid 308] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 1082] <... symlink resumed>) = 0 [pid 308] getdents64(4, [pid 1055] <... ioctl resumed>) = 0 executing program [pid 1082] write(1, "executing program\n", 18 [pid 1055] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... getdents64 resumed>0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 1082] <... write resumed>) = 18 [pid 1055] <... futex resumed>) = 1 [pid 1054] <... futex resumed>) = 0 [pid 308] getdents64(4, [pid 1082] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1054] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... getdents64 resumed>0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 1082] <... futex resumed>) = 0 [pid 1055] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1054] <... futex resumed>) = 0 [pid 308] close(4 [pid 1082] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 1055] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1054] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1082] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1055] <... prlimit64 resumed>NULL) = 0 [pid 308] <... close resumed>) = 0 [pid 1082] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 1055] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] rmdir("./20/file0" [pid 1082] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1055] <... futex resumed>) = 1 [pid 1054] <... futex resumed>) = 0 [pid 1054] exit_group(0 [pid 1082] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1054] <... exit_group resumed>) = ? [pid 308] <... rmdir resumed>) = 0 [pid 1082] <... mmap resumed>) = 0x7f537f3ec000 [pid 1055] +++ exited with 0 +++ [pid 1054] +++ exited with 0 +++ [pid 308] getdents64(3, [pid 1082] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1054, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 1082] <... mprotect resumed>) = 0 [pid 309] restart_syscall(<... resuming interrupted clone ...> [pid 308] <... getdents64 resumed>0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 1082] rt_sigprocmask(SIG_BLOCK, ~[], [pid 308] close(3 [pid 1082] <... rt_sigprocmask resumed>[], 8) = 0 [pid 308] <... close resumed>) = 0 [pid 1082] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 308] rmdir("./20"./strace-static-x86_64: Process 1084 attached ) = 0 [pid 1082] <... clone3 resumed> => {parent_tid=[1084]}, 88) = 1084 [pid 308] mkdir("./21", 0777 [pid 1082] rt_sigprocmask(SIG_SETMASK, [], [pid 1084] set_robust_list(0x7f537f40c9a0, 24 [pid 1082] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 308] <... mkdir resumed>) = 0 [pid 1082] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1082] <... futex resumed>) = 0 [pid 1082] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1084] <... set_robust_list resumed>) = 0 [pid 1084] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1084] memfd_create("syzkaller", 0 [pid 309] <... restart_syscall resumed>) = 0 [pid 309] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./19/binderfs") = 0 [pid 309] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1084] <... memfd_create resumed>) = 3 [pid 1084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 1066] <... write resumed>) = 20699119 [pid 1066] munmap(0x7f5376fec000, 138412032) = 0 [pid 1066] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 308] <... openat resumed>) = 3 [pid 1066] ioctl(4, LOOP_SET_FD, 3 [pid 308] ioctl(3, LOOP_CLR_FD [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1066] <... ioctl resumed>) = 0 [pid 1066] close(3 [pid 308] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 1066] <... close resumed>) = 0 [pid 308] close(3 [pid 1066] close(4 [pid 308] <... close resumed>) = 0 [pid 1066] <... close resumed>) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1066] mkdir("./file0", 0777) = 0 [pid 308] <... clone resumed>, child_tidptr=0x55555b716750) = 1086 [pid 1066] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 310] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./21/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./21") = 0 [pid 310] mkdir("./22", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3./strace-static-x86_64: Process 1086 attached [pid 1086] set_robust_list(0x55555b716760, 24) = 0 [pid 1086] chdir("./21") = 0 [pid 1086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1086] setpgid(0, 0) = 0 [pid 1086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1086] write(3, "1000", 4) = 4 [pid 1086] close(3) = 0 [pid 1086] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1086] write(1, "executing program\n", 18executing program ) = 18 [pid 1086] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1086] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1086] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1086] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1086] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1086] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1086] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1087]}, 88) = 1087 [pid 1086] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1086] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1086] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1087 attached [pid 1087] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1087] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1087] memfd_create("syzkaller", 0) = 3 [pid 1087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 310] <... close resumed>) = 0 [pid 1087] <... mmap resumed>) = 0x7f5376fec000 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1088 ./strace-static-x86_64: Process 1088 attached [pid 1088] set_robust_list(0x55555b716760, 24) = 0 [pid 1088] chdir("./22") = 0 [pid 1088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1088] setpgid(0, 0) = 0 [pid 1088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1088] write(3, "1000", 4) = 4 [pid 1088] close(3) = 0 [pid 1088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1088] write(1, "executing program\n", 18executing program ) = 18 [pid 1088] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1088] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1088] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1088] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1088] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1088] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1088] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1090]}, 88) = 1090 [pid 1088] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1088] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1088] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1090 attached [pid 1090] set_robust_list(0x7f537f40c9a0, 24) = 0 [ 60.349550][ T1066] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 1090] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1090] memfd_create("syzkaller", 0) = 3 [pid 1090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./19/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./19") = 0 [pid 309] mkdir("./20", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 309] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 309] close(3) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1092 ./strace-static-x86_64: Process 1092 attached [pid 1092] set_robust_list(0x55555b716760, 24) = 0 [pid 1092] chdir("./20") = 0 [pid 1092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1092] setpgid(0, 0) = 0 [pid 1092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1092] write(3, "1000", 4) = 4 [pid 1092] close(3) = 0 [pid 1092] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 1092] write(1, "executing program\n", 18) = 18 [pid 1092] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1092] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1092] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1092] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1092] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1092] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1093]}, 88) = 1093 [pid 1092] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1092] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1092] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1093 attached [pid 1093] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1093] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1093] memfd_create("syzkaller", 0) = 3 [pid 1093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 60.405035][ T1066] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 1093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 1093] munmap(0x7f5376fec000, 138412032) = 0 [pid 1093] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1093] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1093] close(3) = 0 [pid 1093] close(4) = 0 [pid 1093] mkdir("./file0", 0777) = 0 [ 60.569035][ T1066] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 60.596420][ T1066] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 60.598921][ T1093] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 1093] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1066] <... mount resumed>) = 0 [pid 1066] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1066] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1066] ioctl(4, LOOP_CLR_FD) = 0 [pid 1066] close(4 [pid 1090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1066] <... close resumed>) = 0 [pid 1066] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1065] <... futex resumed>) = 0 [pid 1066] <... futex resumed>) = 1 [pid 1065] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1066] fspick(AT_FDCWD, "./file0", 0 [pid 1065] <... futex resumed>) = 0 [pid 1066] <... fspick resumed>) = 4 [pid 1065] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1066] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1065] <... futex resumed>) = 0 [pid 1065] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1066] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1065] <... futex resumed>) = 0 [pid 1065] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 60.612599][ T1066] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 60.619786][ T1066] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 1087] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1066] <... fsconfig resumed>) = 0 [pid 1066] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1065] <... futex resumed>) = 0 [pid 1066] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1065] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1065] <... futex resumed>) = 0 [pid 1066] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1065] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1066] <... openat resumed>) = 5 [pid 1066] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1065] <... futex resumed>) = 0 [pid 1066] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1065] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1065] <... futex resumed>) = 0 [pid 1066] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1065] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1066] <... ioctl resumed>) = 0 [pid 1066] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1065] <... futex resumed>) = 0 [pid 1066] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1065] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1065] <... futex resumed>) = 0 [pid 1066] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1065] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1066] <... prlimit64 resumed>NULL) = 0 [pid 1066] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1065] <... futex resumed>) = 0 [pid 1066] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1065] exit_group(0 [pid 1066] <... futex resumed>) = ? [pid 1065] <... exit_group resumed>) = ? [pid 1066] +++ exited with 0 +++ [pid 1065] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1065, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1084] <... write resumed>) = 20699119 [pid 311] <... openat resumed>) = 3 [pid 1084] munmap(0x7f5376fec000, 138412032 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./22/binderfs") = 0 [pid 311] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1084] <... munmap resumed>) = 0 [pid 1084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1084] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1084] close(3) = 0 [ 60.680790][ T1093] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 1084] close(4 [pid 1093] <... mount resumed>) = 0 [pid 1093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1093] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 1084] <... close resumed>) = 0 [pid 1093] <... openat resumed>) = 4 [pid 1093] ioctl(4, LOOP_CLR_FD [pid 1084] mkdir("./file0", 0777) = 0 [pid 1093] <... ioctl resumed>) = 0 [pid 1093] close(4 [pid 1084] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1093] <... close resumed>) = 0 [pid 1093] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1092] <... futex resumed>) = 0 [pid 1092] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1092] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1093] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1093] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1092] <... futex resumed>) = 0 [pid 1092] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1092] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1093] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1090] <... write resumed>) = 20699119 [pid 1090] munmap(0x7f5376fec000, 138412032) = 0 [pid 1090] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 1093] <... fsconfig resumed>) = 0 [pid 1093] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1092] <... futex resumed>) = 0 [pid 1092] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1092] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1093] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1093] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1092] <... futex resumed>) = 0 [pid 1092] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1092] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1093] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140) = 0 [pid 1093] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1092] <... futex resumed>) = 0 [pid 1092] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1092] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1093] prlimit64(0, RLIMIT_RTPRIO, NULL, NULL) = 0 [pid 1093] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1092] <... futex resumed>) = 0 [pid 1092] exit_group(0) = ? [pid 1093] +++ exited with 0 +++ [pid 1092] +++ exited with 0 +++ [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1092, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [ 60.735792][ T1093] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 60.742897][ T1093] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 60.750425][ T1093] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 60.757401][ T1093] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 309] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 309] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./20/binderfs") = 0 [pid 309] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1090] <... openat resumed>) = 4 [pid 1090] ioctl(4, LOOP_SET_FD, 3 [pid 1087] <... write resumed>) = 20699119 [pid 1087] munmap(0x7f5376fec000, 138412032) = 0 [pid 1087] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1090] <... ioctl resumed>) = 0 [pid 1090] close(3) = 0 [pid 1090] close(4 [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 311] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./22/file0") = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./22") = 0 [pid 311] mkdir("./23", 0777) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 1090] <... close resumed>) = 0 [pid 1090] mkdir("./file0", 0777 [pid 1087] <... openat resumed>) = 4 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 1087] ioctl(4, LOOP_SET_FD, 3 [pid 309] newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", [pid 1090] <... mkdir resumed>) = 0 [pid 309] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 1090] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./20/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./20") = 0 [pid 309] mkdir("./21", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 1087] <... ioctl resumed>) = 0 [pid 311] <... openat resumed>) = 3 [pid 1087] close(3) = 0 [pid 311] ioctl(3, LOOP_CLR_FD [ 60.860999][ T1084] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 60.878556][ T1090] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 60.879038][ T1084] F2FS-fs (loop0): Found nat_bits in checkpoint [ 60.895597][ T1090] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 1087] close(4) = 0 [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 309] <... openat resumed>) = 3 [pid 1087] mkdir("./file0", 0777 [pid 311] close(3 [pid 309] ioctl(3, LOOP_CLR_FD [pid 1087] <... mkdir resumed>) = 0 [pid 311] <... close resumed>) = 0 [pid 309] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] close(3 [pid 1087] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 309] <... close resumed>) = 0 [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 1108 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1109 ./strace-static-x86_64: Process 1108 attached ./strace-static-x86_64: Process 1109 attached [pid 1108] set_robust_list(0x55555b716760, 24 [pid 1109] set_robust_list(0x55555b716760, 24) = 0 [pid 1108] <... set_robust_list resumed>) = 0 [pid 1108] chdir("./23" [pid 1109] chdir("./21" [pid 1108] <... chdir resumed>) = 0 [pid 1109] <... chdir resumed>) = 0 [pid 1108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1108] setpgid(0, 0 [pid 1109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1108] <... setpgid resumed>) = 0 [pid 1109] <... prctl resumed>) = 0 [pid 1109] setpgid(0, 0 [pid 1108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1109] <... setpgid resumed>) = 0 [pid 1108] <... openat resumed>) = 3 [pid 1109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1108] write(3, "1000", 4) = 4 [pid 1109] <... openat resumed>) = 3 [pid 1109] write(3, "1000", 4 [pid 1108] close(3) = 0 [pid 1109] <... write resumed>) = 4 [pid 1108] symlink("/dev/binderfs", "./binderfs" [pid 1109] close(3 [pid 1108] <... symlink resumed>) = 0 [pid 1109] <... close resumed>) = 0 executing program [pid 1108] write(1, "executing program\n", 18 [pid 1109] symlink("/dev/binderfs", "./binderfs" [pid 1108] <... write resumed>) = 18 [pid 1109] <... symlink resumed>) = 0 [pid 1108] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1109] write(1, "executing program\n", 18executing program ) = 18 [pid 1108] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 1109] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1108] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1109] <... futex resumed>) = 0 [pid 1108] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1109] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 1108] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1109] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1108] <... mmap resumed>) = 0x7f537f3ec000 [pid 1108] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 1109] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1108] <... mprotect resumed>) = 0 [pid 1109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1108] rt_sigprocmask(SIG_BLOCK, ~[], [pid 1109] <... mmap resumed>) = 0x7f537f3ec000 [ 60.952452][ T1090] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 60.954762][ T1084] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 60.960920][ T1090] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 60.974830][ T1090] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 60.982697][ T1084] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 60.991532][ T1087] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 1109] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 1108] <... rt_sigprocmask resumed>[], 8) = 0 [pid 1109] <... mprotect resumed>) = 0 [pid 1108] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 1109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1108] <... clone3 resumed> => {parent_tid=[1112]}, 88) = 1112 [pid 1109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 1108] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1109] <... clone3 resumed> => {parent_tid=[1113]}, 88) = 1113 [pid 1108] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1109] rt_sigprocmask(SIG_SETMASK, [], [pid 1108] <... futex resumed>) = 0 [pid 1109] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1108] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1109] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1109] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1112 attached [pid 1112] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1112] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1112] memfd_create("syzkaller", 0) = 3 [pid 1112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 ./strace-static-x86_64: Process 1113 attached [pid 1113] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1113] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1113] memfd_create("syzkaller", 0) = 3 [pid 1113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 1090] <... mount resumed>) = 0 [pid 1090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1090] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1090] ioctl(4, LOOP_CLR_FD) = 0 [pid 1090] close(4) = 0 [pid 1090] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1088] <... futex resumed>) = 0 [pid 1088] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1088] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1090] <... futex resumed>) = 1 [pid 1090] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1090] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1088] <... futex resumed>) = 0 [pid 1088] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1088] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1090] <... futex resumed>) = 1 [ 60.997530][ T1090] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 61.001058][ T1087] F2FS-fs (loop1): Found nat_bits in checkpoint [ 61.011119][ T1084] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [pid 1090] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0 [pid 1090] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1088] <... futex resumed>) = 0 [pid 1090] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1088] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1090] <... openat resumed>) = 5 [pid 1088] <... futex resumed>) = 0 [pid 1090] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1088] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1090] <... futex resumed>) = 0 [pid 1088] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1090] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1088] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1090] <... ioctl resumed>) = 0 [pid 1088] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1090] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1088] <... futex resumed>) = 0 [pid 1090] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1088] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1090] <... prlimit64 resumed>NULL) = 0 [pid 1088] <... futex resumed>) = 0 [pid 1090] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1088] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1090] <... futex resumed>) = 0 [pid 1088] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1090] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1088] exit_group(0 [pid 1090] <... futex resumed>) = ? [pid 1088] <... exit_group resumed>) = ? [pid 1090] +++ exited with 0 +++ [pid 1088] +++ exited with 0 +++ [pid 310] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1088, si_uid=0, si_status=0, si_utime=3, si_stime=16} --- [pid 310] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 310] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 310] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 310] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] unlink("./22/binderfs") = 0 [pid 310] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1084] <... mount resumed>) = 0 [pid 1084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1084] ioctl(4, LOOP_CLR_FD) = 0 [ 61.065486][ T1084] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 61.093580][ T1087] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [pid 1084] close(4) = 0 [pid 1084] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] <... futex resumed>) = 0 [pid 1082] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1084] <... futex resumed>) = 1 [pid 1084] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1084] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] <... futex resumed>) = 0 [pid 1082] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1084] <... futex resumed>) = 1 [pid 1084] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1087] <... mount resumed>) = 0 [pid 1087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1087] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1084] <... fsconfig resumed>) = 0 [pid 1084] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1082] <... futex resumed>) = 0 [pid 1084] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1082] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1084] <... openat resumed>) = 5 [pid 1082] <... futex resumed>) = 0 [pid 1084] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1084] <... futex resumed>) = 0 [pid 1082] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1084] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1082] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1084] <... ioctl resumed>) = 0 [pid 1084] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1082] <... futex resumed>) = 0 [pid 1084] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1082] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1084] <... prlimit64 resumed>NULL) = 0 [pid 1082] <... futex resumed>) = 0 [pid 1084] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1084] <... futex resumed>) = 0 [pid 1082] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1084] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1082] exit_group(0 [pid 1084] <... futex resumed>) = ? [pid 1082] <... exit_group resumed>) = ? [pid 1084] +++ exited with 0 +++ [pid 1082] +++ exited with 0 +++ [pid 307] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1082, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 307] restart_syscall(<... resuming interrupted clone ...> [pid 1112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 307] <... restart_syscall resumed>) = 0 [pid 307] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 307] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 307] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] unlink("./21/binderfs") = 0 [ 61.109326][ T1087] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 61.119701][ T1087] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 61.126720][ T1087] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 307] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1087] <... openat resumed>) = 4 [pid 1087] ioctl(4, LOOP_CLR_FD [pid 1113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1087] <... ioctl resumed>) = 0 [pid 1087] close(4) = 0 [pid 1087] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1086] <... futex resumed>) = 0 [pid 1087] fspick(AT_FDCWD, "./file0", 0 [pid 1086] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1087] <... fspick resumed>) = 4 [pid 1086] <... futex resumed>) = 0 [pid 1087] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1086] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1087] <... futex resumed>) = 0 [pid 1086] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1087] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1086] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1086] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1087] <... fsconfig resumed>) = 0 [pid 1087] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1087] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1086] <... futex resumed>) = 0 [pid 1086] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1087] <... futex resumed>) = 0 [pid 1086] <... futex resumed>) = 1 [pid 1087] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1086] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1087] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1087] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1086] <... futex resumed>) = 0 [pid 1086] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1087] <... futex resumed>) = 0 [pid 1086] <... futex resumed>) = 1 [pid 1087] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1086] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1087] <... ioctl resumed>) = 0 [pid 1087] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1086] <... futex resumed>) = 0 [pid 1087] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1086] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1087] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1086] <... futex resumed>) = 0 [pid 1087] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1086] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1087] <... prlimit64 resumed>NULL) = 0 [pid 1087] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1087] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1086] <... futex resumed>) = 0 [pid 1086] exit_group(0 [pid 1087] <... futex resumed>) = ? [pid 1086] <... exit_group resumed>) = ? [pid 1087] +++ exited with 0 +++ [pid 1086] +++ exited with 0 +++ [pid 308] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1086, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 308] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 308] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 308] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 308] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] unlink("./21/binderfs") = 0 [pid 308] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1112] <... write resumed>) = 20699119 [pid 1112] munmap(0x7f5376fec000, 138412032) = 0 [pid 1113] <... write resumed>) = 20699119 [pid 1112] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 310] <... umount2 resumed>) = 0 [pid 310] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 310] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 310] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 310] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 310] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 310] close(4) = 0 [pid 310] rmdir("./22/file0") = 0 [pid 310] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 310] close(3) = 0 [pid 310] rmdir("./22") = 0 [pid 310] mkdir("./23", 0777) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 1113] munmap(0x7f5376fec000, 138412032) = 0 [pid 1113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 307] <... umount2 resumed>) = 0 [pid 307] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 307] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 307] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 307] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 307] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 307] close(4) = 0 [pid 307] rmdir("./21/file0") = 0 [pid 307] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 307] close(3) = 0 [pid 307] rmdir("./21") = 0 [pid 307] mkdir("./22", 0777) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 1112] <... openat resumed>) = 4 [pid 1112] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 310] <... openat resumed>) = 3 [pid 310] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 310] close(3 [pid 1113] <... openat resumed>) = 4 [pid 1112] close(3 [pid 310] <... close resumed>) = 0 [pid 307] <... openat resumed>) = 3 [pid 1113] ioctl(4, LOOP_SET_FD, 3 [pid 307] ioctl(3, LOOP_CLR_FD [pid 1112] <... close resumed>) = 0 [pid 310] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1112] close(4 [pid 310] <... clone resumed>, child_tidptr=0x55555b716750) = 1123 [pid 1113] <... ioctl resumed>) = 0 [pid 1112] <... close resumed>) = 0 [pid 307] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 1112] mkdir("./file0", 0777) = 0 [pid 1112] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 307] close(3 [pid 1113] close(3 [pid 307] <... close resumed>) = 0 [pid 1113] <... close resumed>) = 0 [pid 307] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1113] close(4) = 0 [pid 307] <... clone resumed>, child_tidptr=0x55555b716750) = 1124 [pid 1113] mkdir("./file0", 0777) = 0 [pid 1113] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"..../strace-static-x86_64: Process 1124 attached ./strace-static-x86_64: Process 1123 attached [pid 1124] set_robust_list(0x55555b716760, 24 [pid 1123] set_robust_list(0x55555b716760, 24 [pid 1124] <... set_robust_list resumed>) = 0 [pid 1123] <... set_robust_list resumed>) = 0 [pid 1124] chdir("./22" [pid 1123] chdir("./23" [pid 1124] <... chdir resumed>) = 0 [pid 1124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1123] <... chdir resumed>) = 0 [pid 1124] <... prctl resumed>) = 0 [pid 1123] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1124] setpgid(0, 0 [pid 1123] <... prctl resumed>) = 0 [pid 1124] <... setpgid resumed>) = 0 [pid 1123] setpgid(0, 0 [pid 1124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1123] <... setpgid resumed>) = 0 [pid 1124] <... openat resumed>) = 3 [pid 1124] write(3, "1000", 4 [pid 1123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1124] <... write resumed>) = 4 [pid 1123] <... openat resumed>) = 3 [pid 1124] close(3 [pid 1123] write(3, "1000", 4 [pid 1124] <... close resumed>) = 0 [pid 1123] <... write resumed>) = 4 [pid 1124] symlink("/dev/binderfs", "./binderfs" [pid 1123] close(3executing program [pid 1124] <... symlink resumed>) = 0 [pid 1124] write(1, "executing program\n", 18 [pid 1123] <... close resumed>) = 0 [pid 1124] <... write resumed>) = 18 [pid 1123] symlink("/dev/binderfs", "./binderfs" [pid 1124] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000executing program ) = 0 [pid 1123] <... symlink resumed>) = 0 [pid 1124] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 1123] write(1, "executing program\n", 18 [pid 1124] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1123] <... write resumed>) = 18 [pid 1124] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1123] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1123] <... futex resumed>) = 0 [pid 1124] <... mmap resumed>) = 0x7f537f3ec000 [pid 1123] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, [pid 1124] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 1123] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1124] <... mprotect resumed>) = 0 [pid 1123] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 1124] rt_sigprocmask(SIG_BLOCK, ~[], [pid 1123] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1124] <... rt_sigprocmask resumed>[], 8) = 0 [pid 1123] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 1123] <... mmap resumed>) = 0x7f537f3ec000 [pid 1123] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE [pid 1124] <... clone3 resumed> => {parent_tid=[1129]}, 88) = 1129 [pid 1123] <... mprotect resumed>) = 0 [pid 1124] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1123] rt_sigprocmask(SIG_BLOCK, ~[], [pid 1124] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1123] <... rt_sigprocmask resumed>[], 8) = 0 [pid 1124] <... futex resumed>) = 0 [pid 1123] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} [pid 1124] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1123] <... clone3 resumed> => {parent_tid=[1130]}, 88) = 1130 [pid 1123] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1123] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1123] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1130 attached ./strace-static-x86_64: Process 1129 attached [pid 1130] set_robust_list(0x7f537f40c9a0, 24 [pid 1129] set_robust_list(0x7f537f40c9a0, 24 [pid 1130] <... set_robust_list resumed>) = 0 [pid 1129] <... set_robust_list resumed>) = 0 [pid 1130] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1129] rt_sigprocmask(SIG_SETMASK, [], [pid 1130] memfd_create("syzkaller", 0 [pid 1129] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1130] <... memfd_create resumed>) = 3 [pid 1130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 1129] memfd_create("syzkaller", 0 [pid 1130] <... mmap resumed>) = 0x7f5376fec000 [pid 1129] <... memfd_create resumed>) = 3 [pid 1129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 61.355828][ T1112] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 61.370225][ T1113] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 61.373914][ T1112] F2FS-fs (loop4): Found nat_bits in checkpoint [ 61.397589][ T1113] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 1112] <... mount resumed>) = 0 [pid 1112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1112] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1112] ioctl(4, LOOP_CLR_FD) = 0 [pid 1112] close(4) = 0 [pid 1112] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1108] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1112] <... futex resumed>) = 1 [pid 1112] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1112] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1108] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1112] <... futex resumed>) = 1 [pid 1112] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 308] <... umount2 resumed>) = 0 [pid 1112] <... fsconfig resumed>) = 0 [pid 1112] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1108] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1112] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1112] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1112] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1108] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1112] <... ioctl resumed>) = 0 [pid 1112] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1112] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1108] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1112] <... prlimit64 resumed>NULL) = 0 [pid 1108] <... futex resumed>) = 0 [pid 1112] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1108] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1112] <... futex resumed>) = 0 [pid 1108] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1112] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1108] exit_group(0 [pid 1112] <... futex resumed>) = ? [pid 1108] <... exit_group resumed>) = ? [pid 1112] +++ exited with 0 +++ [pid 1108] +++ exited with 0 +++ [pid 311] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1108, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 311] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 311] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 311] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 311] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 311] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 311] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 311] unlink("./23/binderfs") = 0 [pid 311] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 308] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 308] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 308] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 308] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 308] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 308] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 308] close(4) = 0 [pid 308] rmdir("./21/file0") = 0 [pid 308] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 308] close(3) = 0 [pid 308] rmdir("./21") = 0 [ 61.433946][ T1112] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 61.441418][ T1112] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 61.448655][ T1112] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 61.456203][ T1112] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 308] mkdir("./22", 0777) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 308] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 308] close(3) = 0 [pid 308] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555b716750) = 1133 ./strace-static-x86_64: Process 1133 attached [pid 1130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1133] set_robust_list(0x55555b716760, 24) = 0 [pid 1133] chdir("./22") = 0 [pid 1133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1133] setpgid(0, 0) = 0 [pid 1133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1133] write(3, "1000", 4) = 4 [pid 1133] close(3) = 0 [pid 1133] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1133] write(1, "executing program\n", 18executing program ) = 18 [pid 1133] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1133] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1133] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1133] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1133] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1133] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1133] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1134]}, 88) = 1134 [pid 1133] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1133] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1133] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1134 attached [pid 1134] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1134] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1134] memfd_create("syzkaller", 0) = 3 [pid 1134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 61.563803][ T1113] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 61.579427][ T1113] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 61.597725][ T1113] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [pid 1129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1113] <... mount resumed>) = 0 [pid 1113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1113] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1113] ioctl(4, LOOP_CLR_FD) = 0 [pid 1113] close(4) = 0 [pid 1113] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1113] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1109] <... futex resumed>) = 0 [pid 1109] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1113] <... futex resumed>) = 0 [pid 1109] <... futex resumed>) = 1 [pid 1113] fspick(AT_FDCWD, "./file0", 0 [pid 1109] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1113] <... fspick resumed>) = 4 [pid 1113] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1113] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1109] <... futex resumed>) = 0 [pid 1109] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1113] <... futex resumed>) = 0 [pid 1109] <... futex resumed>) = 1 [pid 1113] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1109] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... umount2 resumed>) = 0 [pid 311] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1113] <... fsconfig resumed>) = 0 [pid 1113] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1113] <... futex resumed>) = 1 [pid 1109] <... futex resumed>) = 0 [pid 311] newfstatat(AT_FDCWD, "./23/file0", [pid 1113] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1109] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1113] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1113] openat(AT_FDCWD, "./file0", O_RDONLY [pid 1109] <... futex resumed>) = 0 [pid 311] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1113] <... openat resumed>) = 5 [pid 311] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1113] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... openat resumed>) = 4 [pid 1109] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1113] <... futex resumed>) = 0 [pid 311] newfstatat(4, "", [pid 1113] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [ 61.627333][ T1113] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 311] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 1109] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 1109] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 311] close(4) = 0 [pid 311] rmdir("./23/file0" [pid 1109] <... futex resumed>) = 1 [pid 1113] <... futex resumed>) = 0 [pid 1109] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... rmdir resumed>) = 0 [pid 1113] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 311] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 311] close(3) = 0 [pid 311] rmdir("./23" [pid 1113] <... ioctl resumed>) = 0 [pid 311] <... rmdir resumed>) = 0 [pid 1113] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] mkdir("./24", 0777 [pid 1113] <... futex resumed>) = 1 [pid 1109] <... futex resumed>) = 0 [pid 311] <... mkdir resumed>) = 0 [pid 1109] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1113] prlimit64(0, RLIMIT_RTPRIO, NULL, [pid 1109] <... futex resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 1113] <... prlimit64 resumed>NULL) = 0 [pid 1109] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1113] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... openat resumed>) = 3 [pid 1109] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1113] <... futex resumed>) = 0 [pid 1109] exit_group(0 [pid 1113] exit_group(0 [pid 311] ioctl(3, LOOP_CLR_FD [pid 1113] +++ exited with 0 +++ [pid 1109] <... exit_group resumed>) = ? [pid 311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 311] close(3 [pid 1109] +++ exited with 0 +++ [pid 311] <... close resumed>) = 0 [pid 311] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1109, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 311] <... clone resumed>, child_tidptr=0x55555b716750) = 1137 [pid 309] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 309] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 4 entries */, 32768) = 112 [pid 309] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] unlink("./21/binderfs") = 0 [pid 309] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 1137 attached [pid 1137] set_robust_list(0x55555b716760, 24) = 0 [pid 1137] chdir("./24") = 0 [pid 1137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1137] setpgid(0, 0) = 0 [pid 1137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1137] write(3, "1000", 4) = 4 [pid 1137] close(3) = 0 [pid 1137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1137] write(1, "executing program\n", 18executing program ) = 18 [pid 1137] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1137] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1137] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1137] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1137] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1137] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1138]}, 88) = 1138 [pid 1137] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1137] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1137] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1138 attached [pid 1138] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1138] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1138] memfd_create("syzkaller", 0) = 3 [pid 1138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [pid 1130] <... write resumed>) = 20699119 [pid 1129] <... write resumed>) = 20699119 [pid 1129] munmap(0x7f5376fec000, 138412032) = 0 [pid 1129] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 1130] munmap(0x7f5376fec000, 138412032) = 0 [pid 1130] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 1134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1129] <... openat resumed>) = 4 [pid 1130] <... openat resumed>) = 4 [pid 1129] ioctl(4, LOOP_SET_FD, 3 [pid 1130] ioctl(4, LOOP_SET_FD, 3 [pid 1129] <... ioctl resumed>) = 0 [pid 1129] close(3) = 0 [pid 1129] close(4 [pid 1130] <... ioctl resumed>) = 0 [pid 1130] close(3) = 0 [pid 1130] close(4 [pid 1134] <... write resumed>) = 20699119 [pid 1134] munmap(0x7f5376fec000, 138412032) = 0 [pid 1129] <... close resumed>) = 0 [pid 1129] mkdir("./file0", 0777) = 0 [pid 1129] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1134] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 309] <... umount2 resumed>) = 0 [pid 309] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 309] umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 309] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 309] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 309] getdents64(4, 0x55555b71f830 /* 2 entries */, 32768) = 48 [pid 309] getdents64(4, 0x55555b71f830 /* 0 entries */, 32768) = 0 [pid 309] close(4) = 0 [pid 309] rmdir("./21/file0") = 0 [pid 309] getdents64(3, 0x55555b7177f0 /* 0 entries */, 32768) = 0 [pid 309] close(3) = 0 [pid 309] rmdir("./21") = 0 [pid 309] mkdir("./22", 0777) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 1130] <... close resumed>) = 0 [pid 1130] mkdir("./file0", 0777) = 0 [pid 1130] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1138] <... write resumed>) = 20699119 [pid 1138] munmap(0x7f5376fec000, 138412032) = 0 [pid 1138] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 1134] <... openat resumed>) = 4 [pid 309] <... openat resumed>) = 3 [pid 1134] ioctl(4, LOOP_SET_FD, 3 [pid 309] ioctl(3, LOOP_CLR_FD [pid 1134] <... ioctl resumed>) = 0 [pid 1134] close(3) = 0 [pid 1134] close(4) = 0 [pid 309] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 1134] mkdir("./file0", 0777 [pid 309] close(3 [pid 1134] <... mkdir resumed>) = 0 [pid 309] <... close resumed>) = 0 [pid 309] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1134] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 309] <... clone resumed>, child_tidptr=0x55555b716750) = 1144 [pid 1138] <... openat resumed>) = 4 [pid 1138] ioctl(4, LOOP_SET_FD, 3executing program ./strace-static-x86_64: Process 1144 attached [pid 1144] set_robust_list(0x55555b716760, 24) = 0 [pid 1144] chdir("./22") = 0 [pid 1144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1144] setpgid(0, 0) = 0 [pid 1144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1144] write(3, "1000", 4) = 4 [pid 1144] close(3) = 0 [pid 1144] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1144] write(1, "executing program\n", 18) = 18 [pid 1144] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1144] rt_sigaction(SIGRT_1, {sa_handler=0x7f537f476840, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f537f41fc40}, NULL, 8) = 0 [pid 1144] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1144] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3ec000 [pid 1144] mprotect(0x7f537f3ed000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1144] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1144] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f40c990, parent_tid=0x7f537f40c990, exit_signal=0, stack=0x7f537f3ec000, stack_size=0x20240, tls=0x7f537f40c6c0} => {parent_tid=[1146]}, 88) = 1146 [pid 1144] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1144] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1144] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1138] <... ioctl resumed>) = 0 [pid 1138] close(3) = 0 [pid 1138] close(4) = 0 [pid 1138] mkdir("./file0", 0777) = 0 [ 61.960788][ T1130] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 61.979519][ T1134] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 61.995051][ T1130] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 1138] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"..../strace-static-x86_64: Process 1146 attached [pid 1146] set_robust_list(0x7f537f40c9a0, 24) = 0 [pid 1146] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1146] memfd_create("syzkaller", 0) = 3 [pid 1146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5376fec000 [ 62.007692][ T1129] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 62.018040][ T1138] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 62.051260][ T1129] F2FS-fs (loop0): Found nat_bits in checkpoint [ 62.059561][ T1134] F2FS-fs (loop1): Found nat_bits in checkpoint [ 62.068740][ T1138] F2FS-fs (loop4): Found nat_bits in checkpoint [ 62.079465][ T1130] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 62.085916][ T1130] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [pid 1146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 1146] munmap(0x7f5376fec000, 138412032) = 0 [pid 1146] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1146] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1146] close(3) = 0 [ 62.156465][ T1130] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 62.192863][ T1130] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 1146] close(4 [pid 1130] <... mount resumed>) = 0 [pid 1130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1146] <... close resumed>) = 0 [pid 1130] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 1146] mkdir("./file0", 0777 [pid 1130] <... openat resumed>) = 4 [pid 1146] <... mkdir resumed>) = 0 [pid 1146] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 1130] ioctl(4, LOOP_CLR_FD) = 0 [pid 1130] close(4) = 0 [pid 1130] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1138] <... mount resumed>) = 0 [pid 1138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1138] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1138] ioctl(4, LOOP_CLR_FD) = 0 [pid 1138] close(4) = 0 [pid 1138] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1137] <... futex resumed>) = 0 [pid 1137] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1137] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1138] <... futex resumed>) = 1 [pid 1138] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1138] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1137] <... futex resumed>) = 0 [pid 1137] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1137] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1138] <... futex resumed>) = 1 [pid 1138] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1130] <... futex resumed>) = 1 [pid 1123] <... futex resumed>) = 0 [pid 1123] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1130] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 1123] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1130] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1123] <... futex resumed>) = 0 [pid 1130] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 1123] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1130] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1123] <... futex resumed>) = 0 [ 62.203527][ T1138] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 62.210420][ T1138] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 62.218366][ T1138] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 62.226139][ T1138] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 1123] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1137] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 1137] futex(0x7f537f4dd6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f537f3cb000 [pid 1137] mprotect(0x7f537f3cc000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1137] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1137] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f3eb990, parent_tid=0x7f537f3eb990, exit_signal=0, stack=0x7f537f3cb000, stack_size=0x20240, tls=0x7f537f3eb6c0} => {parent_tid=[1158]}, 88) = 1158 [pid 1137] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1137] futex(0x7f537f4dd6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1137] futex(0x7f537f4dd6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1134] <... mount resumed>) = 0 [pid 1134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 1134] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 1134] ioctl(4, LOOP_CLR_FD) = 0 [pid 1134] close(4) = 0 [pid 1134] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1133] <... futex resumed>) = 0 [pid 1134] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1133] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1123] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 1133] <... futex resumed>) = 1 [pid 1123] futex(0x7f537f4dd6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1133] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1123] <... futex resumed>) = 0 [pid 1123] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1134] <... futex resumed>) = 0 [pid 1123] <... mmap resumed>) = 0x7f537f3cb000 [pid 1123] mprotect(0x7f537f3cc000, 131072, PROT_READ|PROT_WRITE [pid 1134] fspick(AT_FDCWD, "./file0", 0 [pid 1123] <... mprotect resumed>) = 0 [pid 1134] <... fspick resumed>) = 4 [pid 1123] rt_sigprocmask(SIG_BLOCK, ~[], [pid 1134] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1123] <... rt_sigprocmask resumed>[], 8) = 0 [pid 1134] <... futex resumed>) = 1 [pid 1134] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1133] <... futex resumed>) = 0 [pid 1123] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f3eb990, parent_tid=0x7f537f3eb990, exit_signal=0, stack=0x7f537f3cb000, stack_size=0x20240, tls=0x7f537f3eb6c0} [pid 1133] futex(0x7f537f4dd6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1134] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1134] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1133] <... futex resumed>) = 0 [pid 1123] <... clone3 resumed> => {parent_tid=[1159]}, 88) = 1159 [pid 1133] futex(0x7f537f4dd6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1123] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1123] futex(0x7f537f4dd6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 1159 attached [pid 1123] futex(0x7f537f4dd6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1159] set_robust_list(0x7f537f3eb9a0, 24) = 0 [pid 1159] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 62.248896][ T1146] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 62.249889][ T1134] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 62.264933][ T1134] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 62.272294][ T1134] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 62.273306][ T1129] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 62.279019][ T1134] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 62.301845][ T1159] ================================================================== [ 62.302208][ T1129] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 62.310981][ T1159] BUG: KASAN: null-ptr-deref in kthread_stop+0x3b/0x410 [ 62.310992][ T1159] Write of size 4 at addr 0000000000000020 by task syz-executor860/1159 [ 62.310994][ T1159] [ 62.311012][ T1159] CPU: 1 PID: 1159 Comm: syz-executor860 Not tainted 5.10.234-syzkaller-00033-g094fc3778d6b #0 [ 62.311018][ T1159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 62.311032][ T1159] Call Trace: [ 62.318577][ T1129] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 62.325976][ T1159] dump_stack_lvl+0x1e2/0x24b [ 62.325987][ T1159] ? panic+0x812/0x812 [ 62.325998][ T1159] ? bfq_pos_tree_add_move+0x43b/0x43b [ 62.326018][ T1159] ? __wake_up+0x120/0x1c0 [ 62.391645][ T1159] kasan_report+0x167/0x1c0 [ 62.397528][ T1159] ? f2fs_sanity_check_ckpt+0x3040/0x3040 [ 62.404407][ T1159] ? kthread_stop+0x3b/0x410 [ 62.409219][ T1159] ? kthread_stop+0x3b/0x410 [ 62.414734][ T1159] kasan_check_range+0x293/0x2a0 [ 62.419895][ T1159] __kasan_check_write+0x14/0x20 [ 62.425210][ T1159] kthread_stop+0x3b/0x410 [ 62.429737][ T1159] f2fs_stop_gc_thread+0x65/0xb0 [ 62.435448][ T1159] __f2fs_ioctl+0x7830/0xda80 [ 62.440216][ T1159] ? _raw_spin_unlock_irq+0x4e/0x70 [ 62.445463][ T1159] ? finish_task_switch+0x130/0x5a0 [ 62.451298][ T1159] ? switch_mm_irqs_off+0x71b/0x9a0 [ 62.456632][ T1159] ? __switch_to_asm+0x34/0x60 [ 62.461672][ T1159] ? __schedule+0xbee/0x1330 [ 62.466617][ T1159] ? release_firmware_map_entry+0x18d/0x18d [ 62.472776][ T1159] ? f2fs_ioctl+0x550/0x550 [ 62.477921][ T1159] ? preempt_schedule_irq+0xe7/0x140 [ 62.483200][ T1159] ? preempt_schedule_notrace+0x140/0x140 [ 62.489329][ T1159] ? irqentry_exit+0x4f/0x60 [ 62.494271][ T1159] ? sysvec_reschedule_ipi+0x83/0x160 [ 62.500221][ T1159] ? asm_sysvec_reschedule_ipi+0x12/0x20 [ 62.506143][ T1159] ? do_vfs_ioctl+0xf6/0x1a30 [ 62.511069][ T1159] ? do_vfs_ioctl+0x33e/0x1a30 [ 62.515965][ T1159] ? do_vfs_ioctl+0x793/0x1a30 [ 62.521040][ T1159] ? do_vfs_ioctl+0x798/0x1a30 [ 62.526205][ T1159] ? ioctl_has_perm+0x3f0/0x560 [ 62.531396][ T1159] ? __x32_compat_sys_ioctl+0x90/0x90 [ 62.537046][ T1159] ? has_cap_mac_admin+0x3c0/0x3c0 [ 62.542887][ T1159] ? __kasan_check_write+0x14/0x20 [ 62.548029][ T1159] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 62.553205][ T1159] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 62.558414][ T1159] ? _raw_spin_unlock_irq+0x4e/0x70 [ 62.564233][ T1159] ? cgroup_leave_frozen+0x164/0x2c0 [ 62.569807][ T1159] ? selinux_file_ioctl+0x3cc/0x540 [ 62.575020][ T1159] ? selinux_file_alloc_security+0x120/0x120 [ 62.582054][ T1159] ? __fget_files+0x31e/0x380 [ 62.587239][ T1159] f2fs_ioctl+0x170/0x550 [ 62.591856][ T1159] ? f2fs_precache_extents+0x440/0x440 [ 62.597392][ T1159] __se_sys_ioctl+0x114/0x190 [ 62.602261][ T1159] __x64_sys_ioctl+0x7b/0x90 [ 62.607322][ T1159] do_syscall_64+0x34/0x70 [ 62.612148][ T1159] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 62.619067][ T1159] RIP: 0033:0x7f537f450649 [ 62.623429][ T1159] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 62.645167][ T1159] RSP: 002b:00007f537f3eb168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 62.653616][ T1159] RAX: ffffffffffffffda RBX: 00007f537f4dd6d8 RCX: 00007f537f450649 [ 62.661907][ T1159] RDX: 0000200000000140 RSI: 000000008004587d RDI: 0000000000000005 [ 62.670250][ T1159] RBP: 00007f537f4dd6d0 R08: 00007f537f3eb6c0 R09: 0000000000000000 [ 62.679154][ T1159] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f537f4dd6dc [ 62.687211][ T1159] R13: 000000000000006e R14: 00007fff71741240 R15: 00007fff71741328 [ 62.696137][ T1159] ================================================================== [pid 1159] openat(AT_FDCWD, "./file0", O_RDONLY) = 5 [pid 1159] futex(0x7f537f4dd6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1123] <... futex resumed>) = 0 [pid 1159] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 1123] futex(0x7f537f4dd6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1123] futex(0x7f537f4dd6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1138] <... fsconfig resumed>) = 0 [pid 1138] futex(0x7f537f4dd6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1138] futex(0x7f537f4dd6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1137] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 1133] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 1123] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 1133] futex(0x7f537f4dd6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1123] futex(0x7f537f4dd6ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 1133] <... futex resumed>) = 0 [pid 1123] <... futex resumed>) = 0 [pid 1133] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1123] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1133] <... mmap resumed>) = 0x7f537f3cb000 [pid 1123] <... mmap resumed>) = 0x7f537f3aa000 [pid 1133] mprotect(0x7f537f3cc000, 131072, PROT_READ|PROT_WRITE [pid 1123] mprotect(0x7f537f3ab000, 131072, PROT_READ|PROT_WRITE [pid 1133] <... mprotect resumed>) = 0 [pid 1123] <... mprotect resumed>) = 0 [pid 1133] rt_sigprocmask(SIG_BLOCK, ~[], [pid 1123] rt_sigprocmask(SIG_BLOCK, ~[], [pid 1133] <... rt_sigprocmask resumed>[], 8) = 0 [pid 1123] <... rt_sigprocmask resumed>[], 8) = 0 [pid 1133] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f3eb990, parent_tid=0x7f537f3eb990, exit_signal=0, stack=0x7f537f3cb000, stack_size=0x20240, tls=0x7f537f3eb6c0} [pid 1123] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f537f3ca990, parent_tid=0x7f537f3ca990, exit_signal=0, stack=0x7f537f3aa000, stack_size=0x20240, tls=0x7f537f3ca6c0} [pid 1133] <... clone3 resumed> => {parent_tid=[1164]}, 88) = 1164 [pid 1123] <... clone3 resumed> => {parent_tid=[1163]}, 88) = 1163 [pid 1133] rt_sigprocmask(SIG_SETMASK, [], [pid 1123] rt_sigprocmask(SIG_SETMASK, [], [pid 1133] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1123] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1133] futex(0x7f537f4dd6d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1123] futex(0x7f537f4dd6e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1133] <... futex resumed>) = 0 [pid 1123] <... futex resumed>) = 0 [pid 1133] futex(0x7f537f4dd6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 62.704533][ T1159] Disabling lock debugging due to kernel taint [ 62.712986][ T1129] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 62.716541][ T1159] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 62.729779][ T1159] #PF: supervisor write access in kernel mode [ 62.736374][ T1159] #PF: error_code(0x0002) - not-present page [ 62.743036][ T1159] PGD 0 P4D 0 [ 62.747010][ T1159] Oops: 0002 [#1] PREEMPT SMP KASAN [ 62.752751][ T1159] CPU: 1 PID: 1159 Comm: syz-executor860 Tainted: G B 5.10.234-syzkaller-00033-g094fc3778d6b #0 [ 62.764641][ T1159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 62.775049][ T1159] RIP: 0010:kthread_stop+0x40/0x410 [ 62.780334][ T1159] Code: 00 fc ff df e8 31 26 24 00 0f 1f 44 00 00 e8 27 26 24 00 4d 8d 74 24 20 4c 89 f7 be 04 00 00 00 e8 55 c7 61 00 bb 01 00 00 00 41 0f c1 5c 24 20 31 ff 89 de e8 b0 29 24 00 85 db 0f 84 2f 01 [ 62.800404][ T1159] RSP: 0018:ffffc90002eb7838 EFLAGS: 00010246 [ 62.806281][ T1159] RAX: ffff8881198a1300 RBX: 0000000000000001 RCX: ffff8881198a13c0 [ 62.814452][ T1159] RDX: 0000000000000000 RSI: 0000000000000282 RDI: 00000000ffffffff [ 62.822560][ T1159] RBP: ffffc90002eb7860 R08: ffffffff813e2b8b R09: 0000000000000003 [ 62.831086][ T1159] R10: fffffbfff0e11248 R11: dffffc0000000001 R12: 0000000000000000 [ 62.839267][ T1159] R13: dffffc0000000000 R14: 0000000000000020 R15: dffffc0000000000 [ 62.847251][ T1159] FS: 00007f537f3eb6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 62.856558][ T1159] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.863205][ T1159] CR2: 0000000000000020 CR3: 0000000117ba5000 CR4: 00000000003506a0 [ 62.871277][ T1159] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.879850][ T1159] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.887828][ T1159] Call Trace: [ 62.891057][ T1159] ? __die_body+0x62/0xb0 [ 62.896074][ T1159] ? __die+0x7e/0x90 [ 62.900088][ T1159] ? no_context+0x9f9/0xd20 [ 62.904468][ T1159] ? is_prefetch+0x5c0/0x5c0 [ 62.909191][ T1159] ? preempt_schedule+0xd9/0xe0 [ 62.914773][ T1159] ? __kasan_check_read+0x11/0x20 [ 62.920099][ T1159] ? preempt_schedule_common+0xbe/0xf0 [ 62.925999][ T1159] ? preempt_schedule+0xd9/0xe0 [ 62.930783][ T1159] ? __bad_area_nosemaphore+0xc4/0x430 [ 62.936530][ T1159] ? bad_area_nosemaphore+0x2d/0x40 [ 62.941740][ T1159] ? exc_page_fault+0x3df/0x5b0 [ 62.946961][ T1159] ? asm_exc_page_fault+0x1e/0x30 [ 62.952183][ T1159] ? check_panic_on_warn+0x5b/0xb0 [ 62.957348][ T1159] ? kthread_stop+0x40/0x410 [ 62.961703][ T1159] ? kthread_stop+0x3b/0x410 [ 62.966128][ T1159] f2fs_stop_gc_thread+0x65/0xb0 [ 62.971041][ T1159] __f2fs_ioctl+0x7830/0xda80 [ 62.975830][ T1159] ? _raw_spin_unlock_irq+0x4e/0x70 [ 62.980886][ T1159] ? finish_task_switch+0x130/0x5a0 [ 62.986161][ T1159] ? switch_mm_irqs_off+0x71b/0x9a0 [ 62.991328][ T1159] ? __switch_to_asm+0x34/0x60 [ 62.995919][ T1159] ? __schedule+0xbee/0x1330 [ 63.000608][ T1159] ? release_firmware_map_entry+0x18d/0x18d [ 63.006772][ T1159] ? f2fs_ioctl+0x550/0x550 [ 63.011401][ T1159] ? preempt_schedule_irq+0xe7/0x140 [ 63.017201][ T1159] ? preempt_schedule_notrace+0x140/0x140 [ 63.023119][ T1159] ? irqentry_exit+0x4f/0x60 [ 63.028263][ T1159] ? sysvec_reschedule_ipi+0x83/0x160 [ 63.033499][ T1159] ? asm_sysvec_reschedule_ipi+0x12/0x20 [ 63.039172][ T1159] ? do_vfs_ioctl+0xf6/0x1a30 [ 63.043733][ T1159] ? do_vfs_ioctl+0x33e/0x1a30 [ 63.048400][ T1159] ? do_vfs_ioctl+0x793/0x1a30 [ 63.053812][ T1159] ? do_vfs_ioctl+0x798/0x1a30 [ 63.059454][ T1159] ? ioctl_has_perm+0x3f0/0x560 [ 63.064744][ T1159] ? __x32_compat_sys_ioctl+0x90/0x90 [ 63.070437][ T1159] ? has_cap_mac_admin+0x3c0/0x3c0 [ 63.075466][ T1159] ? __kasan_check_write+0x14/0x20 [ 63.080827][ T1159] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 63.085937][ T1159] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 63.091423][ T1159] ? _raw_spin_unlock_irq+0x4e/0x70 [ 63.097859][ T1159] ? cgroup_leave_frozen+0x164/0x2c0 [ 63.103426][ T1159] ? selinux_file_ioctl+0x3cc/0x540 [ 63.109693][ T1159] ? selinux_file_alloc_security+0x120/0x120 [ 63.115681][ T1159] ? __fget_files+0x31e/0x380 [ 63.120180][ T1159] f2fs_ioctl+0x170/0x550 [ 63.124429][ T1159] ? f2fs_precache_extents+0x440/0x440 [ 63.130113][ T1159] __se_sys_ioctl+0x114/0x190 [ 63.134880][ T1159] __x64_sys_ioctl+0x7b/0x90 [ 63.139424][ T1159] do_syscall_64+0x34/0x70 [ 63.143736][ T1159] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 63.150191][ T1159] RIP: 0033:0x7f537f450649 [ 63.155185][ T1159] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 63.175623][ T1159] RSP: 002b:00007f537f3eb168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 63.184679][ T1159] RAX: ffffffffffffffda RBX: 00007f537f4dd6d8 RCX: 00007f537f450649 [ 63.193031][ T1159] RDX: 0000200000000140 RSI: 000000008004587d RDI: 0000000000000005 [ 63.201270][ T1159] RBP: 00007f537f4dd6d0 R08: 00007f537f3eb6c0 R09: 0000000000000000 [ 63.209616][ T1159] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f537f4dd6dc [ 63.217661][ T1159] R13: 000000000000006e R14: 00007fff71741240 R15: 00007fff71741328 [ 63.226120][ T1159] Modules linked in: [ 63.230402][ T1159] CR2: 0000000000000020 [ 63.234720][ T1159] ---[ end trace dffac2f5d630d574 ]--- [ 63.240966][ T1159] RIP: 0010:kthread_stop+0x40/0x410 [ 63.249308][ T1159] Code: 00 fc ff df e8 31 26 24 00 0f 1f 44 00 00 e8 27 26 24 00 4d 8d 74 24 20 4c 89 f7 be 04 00 00 00 e8 55 c7 61 00 bb 01 00 00 00 41 0f c1 5c 24 20 31 ff 89 de e8 b0 29 24 00 85 db 0f 84 2f 01 [ 63.270599][ T1159] RSP: 0018:ffffc90002eb7838 EFLAGS: 00010246 [ 63.277524][ T1159] RAX: ffff8881198a1300 RBX: 0000000000000001 RCX: ffff8881198a13c0 [ 63.288043][ T1159] RDX: 0000000000000000 RSI: 0000000000000282 RDI: 00000000ffffffff [ 63.297278][ T1159] RBP: ffffc90002eb7860 R08: ffffffff813e2b8b R09: 0000000000000003 [ 63.306140][ T1159] R10: fffffbfff0e11248 R11: dffffc0000000001 R12: 0000000000000000 [ 63.315306][ T1159] R13: dffffc0000000000 R14: 0000000000000020 R15: dffffc0000000000 [ 63.323939][ T1159] FS: 00007f537f3eb6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 63.333982][ T1159] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.344403][ T1159] CR2: 0000000000000020 CR3: 0000000117ba5000 CR4: 00000000003506a0 [ 63.354630][ T1159] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 63.364303][ T1159] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 63.374283][ T1159] Kernel panic - not syncing: Fatal exception [ 63.381348][ T1159] Kernel Offset: disabled [ 63.385966][ T1159] Rebooting in 86400 seconds..