./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor514954504 <...> Warning: Permanently added '10.128.1.76' (ED25519) to the list of known hosts. execve("./syz-executor514954504", ["./syz-executor514954504"], 0x7ffcb07e42e0 /* 10 vars */) = 0 brk(NULL) = 0x55555563d000 brk(0x55555563de00) = 0x55555563de00 arch_prctl(ARCH_SET_FS, 0x55555563d480) = 0 set_tid_address(0x55555563d750) = 5061 set_robust_list(0x55555563d760, 24) = 0 rseq(0x55555563dda0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor514954504", 4096) = 27 getrandom("\xbd\x32\x3e\x7f\x76\xcb\x56\x33", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555563de00 brk(0x55555565ee00) = 0x55555565ee00 brk(0x55555565f000) = 0x55555565f000 mprotect(0x7f8f4c5f0000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f8f4c545940, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f8f4c54e180}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f8f4c545940, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f8f4c54e180}, NULL, 8) = 0 [ 72.467843][ T27] audit: type=1400 audit(1703847388.437:83): avc: denied { execmem } for pid=5061 comm="syz-executor514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 mkdir("./syzkaller.rUEc1j", 0700) = 0 chmod("./syzkaller.rUEc1j", 0777) = 0 chdir("./syzkaller.rUEc1j") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555563d750) = 5062 ./strace-static-x86_64: Process 5062 attached [pid 5062] set_robust_list(0x55555563d760, 24) = 0 [pid 5062] chdir("./0") = 0 [pid 5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5062] setpgid(0, 0) = 0 [pid 5062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5062] write(3, "1000", 4) = 4 [pid 5062] close(3) = 0 [pid 5062] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5062] memfd_create("syzkaller", 0) = 3 [pid 5062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [ 72.556981][ T27] audit: type=1400 audit(1703847388.527:84): avc: denied { read write } for pid=5061 comm="syz-executor514" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.582182][ T27] audit: type=1400 audit(1703847388.527:85): avc: denied { open } for pid=5061 comm="syz-executor514" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.608615][ T27] audit: type=1400 audit(1703847388.537:86): avc: denied { ioctl } for pid=5061 comm="syz-executor514" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5062] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5062] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5062] close(3) = 0 [pid 5062] mkdir("./file0", 0777) = 0 [ 72.715162][ T5062] loop0: detected capacity change from 0 to 8192 [ 72.739962][ T27] audit: type=1400 audit(1703847388.707:87): avc: denied { mounton } for pid=5062 comm="syz-executor514" path="/root/syzkaller.rUEc1j/0/file0" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 72.756839][ T5062] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.777736][ T5062] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 72.787211][ T5062] REISERFS (device loop0): using ordered data mode [ 72.793742][ T5062] reiserfs: using flush barriers [pid 5062] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5062] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5062] chdir("./file0") = 0 [ 72.800623][ T5062] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.817326][ T5062] REISERFS (device loop0): checking transaction log (loop0) [ 72.827491][ T5062] REISERFS (device loop0): Using tea hash to sort names [ 72.835883][ T5062] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5062] ioctl(4, LOOP_CLR_FD) = 0 [pid 5062] close(4) = 0 [pid 5062] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5062] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5062] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5062] exit_group(0) = ? [ 72.846570][ T27] audit: type=1400 audit(1703847388.817:88): avc: denied { mount } for pid=5062 comm="syz-executor514" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [pid 5062] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5062, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 [ 72.966644][ T27] audit: type=1400 audit(1703847388.937:89): avc: denied { unmount } for pid=5061 comm="syz-executor514" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached , child_tidptr=0x55555563d750) = 5065 [pid 5065] set_robust_list(0x55555563d760, 24) = 0 [pid 5065] chdir("./1") = 0 [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5065] setpgid(0, 0) = 0 [pid 5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5065] write(3, "1000", 4) = 4 [pid 5065] close(3) = 0 [pid 5065] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5065] memfd_create("syzkaller", 0) = 3 [pid 5065] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5065] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5065] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5065] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5065] close(3) = 0 [pid 5065] mkdir("./file0", 0777) = 0 [ 73.248108][ T5065] loop0: detected capacity change from 0 to 8192 [ 73.255990][ T27] audit: type=1400 audit(1703847389.227:90): avc: denied { append } for pid=4493 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 73.279173][ T27] audit: type=1400 audit(1703847389.227:91): avc: denied { open } for pid=4493 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 73.302213][ T27] audit: type=1400 audit(1703847389.227:92): avc: denied { getattr } for pid=4493 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 73.312806][ T5065] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.337995][ T5065] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 73.347432][ T5065] REISERFS (device loop0): using ordered data mode [ 73.353994][ T5065] reiserfs: using flush barriers [ 73.360668][ T5065] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.377165][ T5065] REISERFS (device loop0): checking transaction log (loop0) [ 73.385313][ T5065] REISERFS (device loop0): Using tea hash to sort names [pid 5065] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5065] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] chdir("./file0") = 0 [pid 5065] ioctl(4, LOOP_CLR_FD) = 0 [pid 5065] close(4) = 0 [pid 5065] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5065] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5065] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 73.392855][ T5065] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5065] exit_group(0) = ? [pid 5065] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5065, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/binderfs") = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached , child_tidptr=0x55555563d750) = 5067 [pid 5067] set_robust_list(0x55555563d760, 24) = 0 [pid 5067] chdir("./2") = 0 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5067] setpgid(0, 0) = 0 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1000", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5067] memfd_create("syzkaller", 0) = 3 [pid 5067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5067] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5067] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5067] close(3) = 0 [pid 5067] mkdir("./file0", 0777) = 0 [ 73.777889][ T5067] loop0: detected capacity change from 0 to 8192 [ 73.799655][ T5067] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.812697][ T5067] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [pid 5067] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5067] chdir("./file0") = 0 [pid 5067] ioctl(4, LOOP_CLR_FD) = 0 [pid 5067] close(4) = 0 [ 73.822170][ T5067] REISERFS (device loop0): using ordered data mode [ 73.828751][ T5067] reiserfs: using flush barriers [ 73.835112][ T5067] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.851762][ T5067] REISERFS (device loop0): checking transaction log (loop0) [ 73.859937][ T5067] REISERFS (device loop0): Using tea hash to sort names [ 73.867446][ T5067] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5067] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5067] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5067] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5067] exit_group(0) = ? [pid 5067] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/binderfs") = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5069 attached , child_tidptr=0x55555563d750) = 5069 [pid 5069] set_robust_list(0x55555563d760, 24) = 0 [pid 5069] chdir("./3") = 0 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] setpgid(0, 0) = 0 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] write(3, "1000", 4) = 4 [pid 5069] close(3) = 0 [pid 5069] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] memfd_create("syzkaller", 0) = 3 [pid 5069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5069] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5069] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5069] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5069] close(3) = 0 [pid 5069] mkdir("./file0", 0777) = 0 [ 74.215956][ T5069] loop0: detected capacity change from 0 to 8192 [ 74.231332][ T5069] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.244507][ T5069] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 74.253824][ T5069] REISERFS (device loop0): using ordered data mode [ 74.260528][ T5069] reiserfs: using flush barriers [pid 5069] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5069] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5069] chdir("./file0") = 0 [pid 5069] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] close(4) = 0 [pid 5069] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5069] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 74.267245][ T5069] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.284165][ T5069] REISERFS (device loop0): checking transaction log (loop0) [ 74.292665][ T5069] REISERFS (device loop0): Using tea hash to sort names [ 74.300224][ T5069] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5069] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5069] exit_group(0) = ? [pid 5069] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5069, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/binderfs") = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5071 attached , child_tidptr=0x55555563d750) = 5071 [pid 5071] set_robust_list(0x55555563d760, 24) = 0 [pid 5071] chdir("./4") = 0 [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5071] setpgid(0, 0) = 0 [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5071] write(3, "1000", 4) = 4 [pid 5071] close(3) = 0 [pid 5071] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5071] memfd_create("syzkaller", 0) = 3 [pid 5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5071] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5071] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5071] close(3) = 0 [pid 5071] mkdir("./file0", 0777) = 0 [ 74.788328][ T5071] loop0: detected capacity change from 0 to 8192 [ 74.804619][ T5071] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.817868][ T5071] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 74.827602][ T5071] REISERFS (device loop0): using ordered data mode [pid 5071] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5071] chdir("./file0") = 0 [pid 5071] ioctl(4, LOOP_CLR_FD) = 0 [pid 5071] close(4) = 0 [pid 5071] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5071] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5071] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5071] exit_group(0) = ? [ 74.834129][ T5071] reiserfs: using flush barriers [ 74.840884][ T5071] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.857420][ T5071] REISERFS (device loop0): checking transaction log (loop0) [ 74.866309][ T5071] REISERFS (device loop0): Using tea hash to sort names [ 74.873565][ T5071] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5071] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5071, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/binderfs") = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./4/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5073 attached , child_tidptr=0x55555563d750) = 5073 [pid 5073] set_robust_list(0x55555563d760, 24) = 0 [pid 5073] chdir("./5") = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] setpgid(0, 0) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5073] write(3, "1000", 4) = 4 [pid 5073] close(3) = 0 [pid 5073] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5073] memfd_create("syzkaller", 0) = 3 [pid 5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5073] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5073] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5073] close(3) = 0 [pid 5073] mkdir("./file0", 0777) = 0 [ 75.276151][ T5073] loop0: detected capacity change from 0 to 8192 [ 75.290491][ T5073] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.303729][ T5073] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 75.313596][ T5073] REISERFS (device loop0): using ordered data mode [ 75.320695][ T5073] reiserfs: using flush barriers [pid 5073] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5073] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5073] chdir("./file0") = 0 [pid 5073] ioctl(4, LOOP_CLR_FD) = 0 [pid 5073] close(4) = 0 [ 75.327341][ T5073] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.345468][ T5073] REISERFS (device loop0): checking transaction log (loop0) [ 75.353926][ T5073] REISERFS (device loop0): Using tea hash to sort names [ 75.361363][ T5073] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5073] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5073] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5073] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5073] exit_group(0) = ? [pid 5073] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/binderfs") = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./5/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5075 attached , child_tidptr=0x55555563d750) = 5075 [pid 5075] set_robust_list(0x55555563d760, 24) = 0 [pid 5075] chdir("./6") = 0 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] setpgid(0, 0) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5075] write(3, "1000", 4) = 4 [pid 5075] close(3) = 0 [pid 5075] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5075] memfd_create("syzkaller", 0) = 3 [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5075] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5075] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5075] close(3) = 0 [pid 5075] mkdir("./file0", 0777) = 0 [ 75.710803][ T5075] loop0: detected capacity change from 0 to 8192 [ 75.736487][ T5075] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.749634][ T5075] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 75.758919][ T5075] REISERFS (device loop0): using ordered data mode [ 75.765506][ T5075] reiserfs: using flush barriers [ 75.772118][ T5075] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.789368][ T5075] REISERFS (device loop0): checking transaction log (loop0) [ 75.797983][ T5075] REISERFS (device loop0): Using tea hash to sort names [pid 5075] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5075] chdir("./file0") = 0 [pid 5075] ioctl(4, LOOP_CLR_FD) = 0 [pid 5075] close(4) = 0 [pid 5075] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5075] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 75.805264][ T5075] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5075] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5075] exit_group(0) = ? [pid 5075] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./6/binderfs") = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./6/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5077 attached , child_tidptr=0x55555563d750) = 5077 [pid 5077] set_robust_list(0x55555563d760, 24) = 0 [pid 5077] chdir("./7") = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] setpgid(0, 0) = 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] write(3, "1000", 4) = 4 [pid 5077] close(3) = 0 [pid 5077] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] memfd_create("syzkaller", 0) = 3 [pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5077] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5077] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5077] close(3) = 0 [pid 5077] mkdir("./file0", 0777) = 0 [ 76.189594][ T5077] loop0: detected capacity change from 0 to 8192 [ 76.215369][ T5077] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.228790][ T5077] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 76.238218][ T5077] REISERFS (device loop0): using ordered data mode [ 76.244895][ T5077] reiserfs: using flush barriers [ 76.251402][ T5077] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.268532][ T5077] REISERFS (device loop0): checking transaction log (loop0) [ 76.276906][ T5077] REISERFS (device loop0): Using tea hash to sort names [pid 5077] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5077] chdir("./file0") = 0 [pid 5077] ioctl(4, LOOP_CLR_FD) = 0 [pid 5077] close(4) = 0 [pid 5077] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 76.284247][ T5077] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5077] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5077] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5077] exit_group(0) = ? [pid 5077] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/binderfs") = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./7/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached , child_tidptr=0x55555563d750) = 5079 [pid 5079] set_robust_list(0x55555563d760, 24) = 0 [pid 5079] chdir("./8") = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] setpgid(0, 0) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5079] write(3, "1000", 4) = 4 [pid 5079] close(3) = 0 [pid 5079] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5079] memfd_create("syzkaller", 0) = 3 [pid 5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5079] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5079] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5079] close(3) = 0 [pid 5079] mkdir("./file0", 0777) = 0 [ 76.716985][ T5079] loop0: detected capacity change from 0 to 8192 [ 76.733162][ T5079] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.746344][ T5079] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 76.755601][ T5079] REISERFS (device loop0): using ordered data mode [ 76.762119][ T5079] reiserfs: using flush barriers [pid 5079] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] chdir("./file0") = 0 [pid 5079] ioctl(4, LOOP_CLR_FD) = 0 [pid 5079] close(4) = 0 [pid 5079] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5079] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5079] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5079] exit_group(0) = ? [ 76.768941][ T5079] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.785821][ T5079] REISERFS (device loop0): checking transaction log (loop0) [ 76.794485][ T5079] REISERFS (device loop0): Using tea hash to sort names [ 76.802105][ T5079] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5079] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/binderfs") = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./8/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5081 attached , child_tidptr=0x55555563d750) = 5081 [pid 5081] set_robust_list(0x55555563d760, 24) = 0 [pid 5081] chdir("./9") = 0 [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5081] setpgid(0, 0) = 0 [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5081] write(3, "1000", 4) = 4 [pid 5081] close(3) = 0 [pid 5081] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5081] memfd_create("syzkaller", 0) = 3 [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5081] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5081] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5081] close(3) = 0 [pid 5081] mkdir("./file0", 0777) = 0 [ 77.199204][ T5081] loop0: detected capacity change from 0 to 8192 [ 77.223587][ T5081] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.237246][ T5081] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 77.246803][ T5081] REISERFS (device loop0): using ordered data mode [ 77.253409][ T5081] reiserfs: using flush barriers [ 77.259993][ T5081] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.277360][ T5081] REISERFS (device loop0): checking transaction log (loop0) [ 77.286132][ T5081] REISERFS (device loop0): Using tea hash to sort names [pid 5081] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5081] chdir("./file0") = 0 [pid 5081] ioctl(4, LOOP_CLR_FD) = 0 [pid 5081] close(4) = 0 [pid 5081] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5081] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5081] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5081] exit_group(0) = ? [pid 5081] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 77.293505][ T5081] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/binderfs") = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./9/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 mkdir("./10", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5083 attached , child_tidptr=0x55555563d750) = 5083 [pid 5083] set_robust_list(0x55555563d760, 24) = 0 [pid 5083] chdir("./10") = 0 [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5083] setpgid(0, 0) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1000", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5083] memfd_create("syzkaller", 0) = 3 [pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5083] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5083] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5083] close(3) = 0 [pid 5083] mkdir("./file0", 0777) = 0 [ 77.688822][ T5083] loop0: detected capacity change from 0 to 8192 [ 77.707062][ T5083] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.720204][ T5083] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 77.730066][ T5083] REISERFS (device loop0): using ordered data mode [pid 5083] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5083] chdir("./file0") = 0 [ 77.736702][ T5083] reiserfs: using flush barriers [ 77.743571][ T5083] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.760967][ T5083] REISERFS (device loop0): checking transaction log (loop0) [ 77.769778][ T5083] REISERFS (device loop0): Using tea hash to sort names [ 77.777582][ T5083] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5083] ioctl(4, LOOP_CLR_FD) = 0 [pid 5083] close(4) = 0 [pid 5083] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5083] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5083] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5083] exit_group(0) = ? [pid 5083] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./10/binderfs") = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./10/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached , child_tidptr=0x55555563d750) = 5085 [pid 5085] set_robust_list(0x55555563d760, 24) = 0 [pid 5085] chdir("./11") = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] setpgid(0, 0) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] write(3, "1000", 4) = 4 [pid 5085] close(3) = 0 [pid 5085] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5085] memfd_create("syzkaller", 0) = 3 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5085] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5085] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5085] close(3) = 0 [pid 5085] mkdir("./file0", 0777) = 0 [ 78.165556][ T5085] loop0: detected capacity change from 0 to 8192 [ 78.191708][ T5085] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.204936][ T5085] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 78.214295][ T5085] REISERFS (device loop0): using ordered data mode [ 78.221219][ T5085] reiserfs: using flush barriers [ 78.228014][ T5085] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.245048][ T5085] REISERFS (device loop0): checking transaction log (loop0) [ 78.253996][ T5085] REISERFS (device loop0): Using tea hash to sort names [pid 5085] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5085] chdir("./file0") = 0 [ 78.261555][ T5085] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5085] ioctl(4, LOOP_CLR_FD) = 0 [pid 5085] close(4) = 0 [pid 5085] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5085] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5085] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5085] exit_group(0) = ? [pid 5085] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/binderfs") = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./11/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./11") = 0 mkdir("./12", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5087 attached [pid 5087] set_robust_list(0x55555563d760, 24) = 0 [pid 5087] chdir("./12") = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5087 [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5087] setpgid(0, 0) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5087] write(3, "1000", 4) = 4 [pid 5087] close(3) = 0 [pid 5087] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5087] memfd_create("syzkaller", 0) = 3 [pid 5087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5087] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5087] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5087] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5087] close(3) = 0 [pid 5087] mkdir("./file0", 0777) = 0 [ 78.776011][ T5087] loop0: detected capacity change from 0 to 8192 [ 78.790994][ T5087] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.804663][ T5087] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 78.814069][ T5087] REISERFS (device loop0): using ordered data mode [ 78.821051][ T5087] reiserfs: using flush barriers [pid 5087] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5087] chdir("./file0") = 0 [pid 5087] ioctl(4, LOOP_CLR_FD) = 0 [pid 5087] close(4) = 0 [pid 5087] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5087] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5087] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 78.827921][ T5087] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.844554][ T5087] REISERFS (device loop0): checking transaction log (loop0) [ 78.853469][ T5087] REISERFS (device loop0): Using tea hash to sort names [ 78.861779][ T5087] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5087] exit_group(0) = ? [pid 5087] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/binderfs") = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./12/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 mkdir("./13", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5089 attached , child_tidptr=0x55555563d750) = 5089 [pid 5089] set_robust_list(0x55555563d760, 24) = 0 [pid 5089] chdir("./13") = 0 [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] setpgid(0, 0) = 0 [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] write(3, "1000", 4) = 4 [pid 5089] close(3) = 0 [pid 5089] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5089] memfd_create("syzkaller", 0) = 3 [pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5089] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5089] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5089] close(3) = 0 [pid 5089] mkdir("./file0", 0777) = 0 [ 79.301891][ T5089] loop0: detected capacity change from 0 to 8192 [ 79.322573][ T5089] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.335618][ T5089] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 79.344862][ T5089] REISERFS (device loop0): using ordered data mode [pid 5089] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5089] chdir("./file0") = 0 [pid 5089] ioctl(4, LOOP_CLR_FD) = 0 [pid 5089] close(4) = 0 [ 79.351427][ T5089] reiserfs: using flush barriers [ 79.357968][ T5089] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.375633][ T5089] REISERFS (device loop0): checking transaction log (loop0) [ 79.383888][ T5089] REISERFS (device loop0): Using tea hash to sort names [ 79.392042][ T5089] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5089] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5089] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5089] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5089] exit_group(0) = ? [pid 5089] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/binderfs") = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./13/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached , child_tidptr=0x55555563d750) = 5091 [pid 5091] set_robust_list(0x55555563d760, 24) = 0 [pid 5091] chdir("./14") = 0 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5091] setpgid(0, 0) = 0 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5091] write(3, "1000", 4) = 4 [pid 5091] close(3) = 0 [pid 5091] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5091] memfd_create("syzkaller", 0) = 3 [pid 5091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5091] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5091] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5091] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5091] close(3) = 0 [pid 5091] mkdir("./file0", 0777) = 0 [ 79.800757][ T5091] loop0: detected capacity change from 0 to 8192 [ 79.811418][ T5091] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.824925][ T5091] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 79.834358][ T5091] REISERFS (device loop0): using ordered data mode [ 79.840938][ T5091] reiserfs: using flush barriers [pid 5091] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5091] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5091] chdir("./file0") = 0 [pid 5091] ioctl(4, LOOP_CLR_FD) = 0 [ 79.847559][ T5091] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.864247][ T5091] REISERFS (device loop0): checking transaction log (loop0) [ 79.872785][ T5091] REISERFS (device loop0): Using tea hash to sort names [ 79.880225][ T5091] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] close(4) = 0 [pid 5091] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5091] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5091] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5091] exit_group(0) = ? [pid 5091] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/binderfs") = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./14/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5093 attached , child_tidptr=0x55555563d750) = 5093 [pid 5093] set_robust_list(0x55555563d760, 24) = 0 [pid 5093] chdir("./15") = 0 [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] setpgid(0, 0) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5093] write(3, "1000", 4) = 4 [pid 5093] close(3) = 0 [pid 5093] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5093] memfd_create("syzkaller", 0) = 3 [pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5093] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5093] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5093] close(3) = 0 [pid 5093] mkdir("./file0", 0777) = 0 [ 80.268739][ T5093] loop0: detected capacity change from 0 to 8192 [ 80.294947][ T5093] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.308141][ T5093] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 80.317597][ T5093] REISERFS (device loop0): using ordered data mode [ 80.324126][ T5093] reiserfs: using flush barriers [ 80.330784][ T5093] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.347455][ T5093] REISERFS (device loop0): checking transaction log (loop0) [ 80.356186][ T5093] REISERFS (device loop0): Using tea hash to sort names [pid 5093] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5093] chdir("./file0") = 0 [pid 5093] ioctl(4, LOOP_CLR_FD) = 0 [pid 5093] close(4) = 0 [pid 5093] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 80.363556][ T5093] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5093] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5093] exit_group(0) = ? [pid 5093] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/binderfs") = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./15/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5095 attached , child_tidptr=0x55555563d750) = 5095 [pid 5095] set_robust_list(0x55555563d760, 24) = 0 [pid 5095] chdir("./16") = 0 [pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5095] setpgid(0, 0) = 0 [pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] write(3, "1000", 4) = 4 [pid 5095] close(3) = 0 [pid 5095] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5095] memfd_create("syzkaller", 0) = 3 [pid 5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5095] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5095] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5095] close(3) = 0 [pid 5095] mkdir("./file0", 0777) = 0 [ 80.710397][ T5095] loop0: detected capacity change from 0 to 8192 [ 80.725522][ T5095] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.738562][ T5095] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 80.747833][ T5095] REISERFS (device loop0): using ordered data mode [ 80.754349][ T5095] reiserfs: using flush barriers [pid 5095] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5095] chdir("./file0") = 0 [pid 5095] ioctl(4, LOOP_CLR_FD) = 0 [pid 5095] close(4) = 0 [pid 5095] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 80.760857][ T5095] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.777686][ T5095] REISERFS (device loop0): checking transaction log (loop0) [ 80.786414][ T5095] REISERFS (device loop0): Using tea hash to sort names [ 80.793901][ T5095] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5095] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5095] exit_group(0) = ? [pid 5095] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/binderfs") = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./16/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5097 attached [pid 5097] set_robust_list(0x55555563d760, 24 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5097 [pid 5097] <... set_robust_list resumed>) = 0 [pid 5097] chdir("./17") = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5097] close(3) = 0 [pid 5097] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5097] memfd_create("syzkaller", 0) = 3 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5097] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5097] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5097] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5097] close(3) = 0 [pid 5097] mkdir("./file0", 0777) = 0 [ 81.177066][ T5097] loop0: detected capacity change from 0 to 8192 [ 81.193470][ T5097] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.206668][ T5097] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 81.216141][ T5097] REISERFS (device loop0): using ordered data mode [pid 5097] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5097] chdir("./file0") = 0 [pid 5097] ioctl(4, LOOP_CLR_FD) = 0 [pid 5097] close(4) = 0 [pid 5097] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 81.222753][ T5097] reiserfs: using flush barriers [ 81.229481][ T5097] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.246479][ T5097] REISERFS (device loop0): checking transaction log (loop0) [ 81.254957][ T5097] REISERFS (device loop0): Using tea hash to sort names [ 81.262561][ T5097] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5097] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5097] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5097] exit_group(0) = ? [pid 5097] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/binderfs") = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./17/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5099 attached [pid 5099] set_robust_list(0x55555563d760, 24 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5099 [pid 5099] <... set_robust_list resumed>) = 0 [pid 5099] chdir("./18") = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5099] setpgid(0, 0) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5099] write(3, "1000", 4) = 4 [pid 5099] close(3) = 0 [pid 5099] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5099] memfd_create("syzkaller", 0) = 3 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5099] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5099] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5099] close(3) = 0 [pid 5099] mkdir("./file0", 0777) = 0 [ 81.727746][ T5099] loop0: detected capacity change from 0 to 8192 [ 81.744372][ T5099] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.757540][ T5099] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 81.767678][ T5099] REISERFS (device loop0): using ordered data mode [pid 5099] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5099] chdir("./file0") = 0 [pid 5099] ioctl(4, LOOP_CLR_FD) = 0 [pid 5099] close(4) = 0 [pid 5099] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 81.774304][ T5099] reiserfs: using flush barriers [ 81.781161][ T5099] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.797937][ T5099] REISERFS (device loop0): checking transaction log (loop0) [ 81.806851][ T5099] REISERFS (device loop0): Using tea hash to sort names [ 81.814417][ T5099] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5099] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5099] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5099] exit_group(0) = ? [pid 5099] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./18/binderfs") = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./18/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./18") = 0 mkdir("./19", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5101 attached , child_tidptr=0x55555563d750) = 5101 [pid 5101] set_robust_list(0x55555563d760, 24) = 0 [pid 5101] chdir("./19") = 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5101] setpgid(0, 0) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5101] write(3, "1000", 4) = 4 [pid 5101] close(3) = 0 [pid 5101] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5101] memfd_create("syzkaller", 0) = 3 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5101] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5101] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5101] close(3) = 0 [pid 5101] mkdir("./file0", 0777) = 0 [ 82.375036][ T5101] loop0: detected capacity change from 0 to 8192 [ 82.397061][ T5101] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.411329][ T5101] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [pid 5101] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5101] chdir("./file0") = 0 [pid 5101] ioctl(4, LOOP_CLR_FD) = 0 [pid 5101] close(4) = 0 [ 82.420828][ T5101] REISERFS (device loop0): using ordered data mode [ 82.427574][ T5101] reiserfs: using flush barriers [ 82.434349][ T5101] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.450993][ T5101] REISERFS (device loop0): checking transaction log (loop0) [ 82.459255][ T5101] REISERFS (device loop0): Using tea hash to sort names [ 82.466760][ T5101] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5101] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5101] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5101] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5101] exit_group(0) = ? [pid 5101] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./19/binderfs") = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./19/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./19") = 0 mkdir("./20", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5103 attached , child_tidptr=0x55555563d750) = 5103 [pid 5103] set_robust_list(0x55555563d760, 24) = 0 [pid 5103] chdir("./20") = 0 [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5103] setpgid(0, 0) = 0 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5103] write(3, "1000", 4) = 4 [pid 5103] close(3) = 0 [pid 5103] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5103] memfd_create("syzkaller", 0) = 3 [pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5103] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5103] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5103] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5103] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5103] close(3) = 0 [pid 5103] mkdir("./file0", 0777) = 0 [ 82.804997][ T5103] loop0: detected capacity change from 0 to 8192 [ 82.820348][ T5103] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.833790][ T5103] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 82.843275][ T5103] REISERFS (device loop0): using ordered data mode [ 82.850085][ T5103] reiserfs: using flush barriers [pid 5103] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5103] chdir("./file0") = 0 [pid 5103] ioctl(4, LOOP_CLR_FD) = 0 [pid 5103] close(4) = 0 [pid 5103] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5103] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 82.857012][ T5103] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.874232][ T5103] REISERFS (device loop0): checking transaction log (loop0) [ 82.882347][ T5103] REISERFS (device loop0): Using tea hash to sort names [ 82.890200][ T5103] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5103] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5103] exit_group(0) = ? [pid 5103] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./20/binderfs") = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./20/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./20") = 0 mkdir("./21", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5105 attached , child_tidptr=0x55555563d750) = 5105 [pid 5105] set_robust_list(0x55555563d760, 24) = 0 [pid 5105] chdir("./21") = 0 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5105] setpgid(0, 0) = 0 [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5105] write(3, "1000", 4) = 4 [pid 5105] close(3) = 0 [pid 5105] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5105] memfd_create("syzkaller", 0) = 3 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5105] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5105] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5105] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5105] close(3) = 0 [pid 5105] mkdir("./file0", 0777) = 0 [ 83.291487][ T5105] loop0: detected capacity change from 0 to 8192 [ 83.317483][ T5105] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.330501][ T5105] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 83.339760][ T5105] REISERFS (device loop0): using ordered data mode [ 83.346440][ T5105] reiserfs: using flush barriers [ 83.352744][ T5105] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.369845][ T5105] REISERFS (device loop0): checking transaction log (loop0) [ 83.378296][ T5105] REISERFS (device loop0): Using tea hash to sort names [pid 5105] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5105] chdir("./file0") = 0 [pid 5105] ioctl(4, LOOP_CLR_FD) = 0 [pid 5105] close(4) = 0 [pid 5105] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5105] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 83.385762][ T5105] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5105] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5105] exit_group(0) = ? [pid 5105] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./21/binderfs") = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./21/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./21") = 0 mkdir("./22", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5107 attached , child_tidptr=0x55555563d750) = 5107 [pid 5107] set_robust_list(0x55555563d760, 24) = 0 [pid 5107] chdir("./22") = 0 [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5107] setpgid(0, 0) = 0 [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5107] write(3, "1000", 4) = 4 [pid 5107] close(3) = 0 [pid 5107] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5107] memfd_create("syzkaller", 0) = 3 [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5107] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5107] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5107] close(3) = 0 [pid 5107] mkdir("./file0", 0777) = 0 [ 83.730863][ T5107] loop0: detected capacity change from 0 to 8192 [ 83.746933][ T5107] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.759937][ T5107] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 83.769269][ T5107] REISERFS (device loop0): using ordered data mode [ 83.775829][ T5107] reiserfs: using flush barriers [pid 5107] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5107] chdir("./file0") = 0 [pid 5107] ioctl(4, LOOP_CLR_FD) = 0 [ 83.782377][ T5107] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.799553][ T5107] REISERFS (device loop0): checking transaction log (loop0) [ 83.808206][ T5107] REISERFS (device loop0): Using tea hash to sort names [ 83.815758][ T5107] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5107] close(4) = 0 [pid 5107] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5107] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5107] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5107] exit_group(0) = ? [pid 5107] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./22/binderfs") = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./22/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./22") = 0 mkdir("./23", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5109 attached , child_tidptr=0x55555563d750) = 5109 [pid 5109] set_robust_list(0x55555563d760, 24) = 0 [pid 5109] chdir("./23") = 0 [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5109] setpgid(0, 0) = 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5109] write(3, "1000", 4) = 4 [pid 5109] close(3) = 0 [pid 5109] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5109] memfd_create("syzkaller", 0) = 3 [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5109] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5109] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5109] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5109] close(3) = 0 [pid 5109] mkdir("./file0", 0777) = 0 [ 84.269483][ T5109] loop0: detected capacity change from 0 to 8192 [ 84.285537][ T5109] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.298974][ T5109] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 84.308349][ T5109] REISERFS (device loop0): using ordered data mode [ 84.314951][ T5109] reiserfs: using flush barriers [pid 5109] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5109] chdir("./file0") = 0 [pid 5109] ioctl(4, LOOP_CLR_FD) = 0 [pid 5109] close(4) = 0 [pid 5109] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 84.321426][ T5109] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.338449][ T5109] REISERFS (device loop0): checking transaction log (loop0) [ 84.346833][ T5109] REISERFS (device loop0): Using tea hash to sort names [ 84.354096][ T5109] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5109] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5109] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5109] exit_group(0) = ? [pid 5109] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./23/binderfs") = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./23/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./23") = 0 mkdir("./24", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5111 attached [pid 5111] set_robust_list(0x55555563d760, 24) = 0 [pid 5111] chdir("./24" [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5111 [pid 5111] <... chdir resumed>) = 0 [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5111] setpgid(0, 0) = 0 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5111] write(3, "1000", 4) = 4 [pid 5111] close(3) = 0 [pid 5111] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5111] memfd_create("syzkaller", 0) = 3 [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5111] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5111] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5111] close(3) = 0 [pid 5111] mkdir("./file0", 0777) = 0 [ 84.711629][ T5111] loop0: detected capacity change from 0 to 8192 [ 84.737079][ T5111] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.750395][ T5111] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 84.759994][ T5111] REISERFS (device loop0): using ordered data mode [ 84.766529][ T5111] reiserfs: using flush barriers [ 84.773268][ T5111] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.790053][ T5111] REISERFS (device loop0): checking transaction log (loop0) [ 84.799095][ T5111] REISERFS (device loop0): Using tea hash to sort names [pid 5111] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5111] chdir("./file0") = 0 [pid 5111] ioctl(4, LOOP_CLR_FD) = 0 [pid 5111] close(4) = 0 [pid 5111] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 84.806421][ T5111] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5111] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5111] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5111] exit_group(0) = ? [pid 5111] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./24/binderfs") = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./24/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./24") = 0 mkdir("./25", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5113 attached [pid 5113] set_robust_list(0x55555563d760, 24) = 0 [pid 5113] chdir("./25") = 0 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5113 [pid 5113] setpgid(0, 0) = 0 [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5113] write(3, "1000", 4) = 4 [pid 5113] close(3) = 0 [pid 5113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5113] memfd_create("syzkaller", 0) = 3 [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5113] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5113] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5113] close(3) = 0 [pid 5113] mkdir("./file0", 0777) = 0 [ 85.179331][ T5113] loop0: detected capacity change from 0 to 8192 [ 85.190714][ T5113] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.203858][ T5113] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 85.213132][ T5113] REISERFS (device loop0): using ordered data mode [ 85.219673][ T5113] reiserfs: using flush barriers [pid 5113] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5113] chdir("./file0") = 0 [pid 5113] ioctl(4, LOOP_CLR_FD) = 0 [pid 5113] close(4) = 0 [pid 5113] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5113] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5113] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 85.226212][ T5113] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.243071][ T5113] REISERFS (device loop0): checking transaction log (loop0) [ 85.252211][ T5113] REISERFS (device loop0): Using tea hash to sort names [ 85.259526][ T5113] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5113] exit_group(0) = ? [pid 5113] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./25/binderfs") = 0 umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./25/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./25") = 0 mkdir("./26", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5115 attached , child_tidptr=0x55555563d750) = 5115 [pid 5115] set_robust_list(0x55555563d760, 24) = 0 [pid 5115] chdir("./26") = 0 [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5115] setpgid(0, 0) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5115] write(3, "1000", 4) = 4 [pid 5115] close(3) = 0 [pid 5115] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5115] memfd_create("syzkaller", 0) = 3 [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5115] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5115] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5115] close(3) = 0 [pid 5115] mkdir("./file0", 0777) = 0 [ 85.703867][ T5115] loop0: detected capacity change from 0 to 8192 [ 85.719679][ T5115] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.732780][ T5115] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 85.742106][ T5115] REISERFS (device loop0): using ordered data mode [ 85.748677][ T5115] reiserfs: using flush barriers [pid 5115] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5115] chdir("./file0") = 0 [pid 5115] ioctl(4, LOOP_CLR_FD) = 0 [pid 5115] close(4) = 0 [pid 5115] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5115] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 85.755344][ T5115] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.771889][ T5115] REISERFS (device loop0): checking transaction log (loop0) [ 85.780456][ T5115] REISERFS (device loop0): Using tea hash to sort names [ 85.787745][ T5115] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5115] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5115] exit_group(0) = ? [pid 5115] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./26/binderfs") = 0 umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./26/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./26") = 0 mkdir("./27", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5117 attached , child_tidptr=0x55555563d750) = 5117 [pid 5117] set_robust_list(0x55555563d760, 24) = 0 [pid 5117] chdir("./27") = 0 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5117] setpgid(0, 0) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5117] write(3, "1000", 4) = 4 [pid 5117] close(3) = 0 [pid 5117] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5117] memfd_create("syzkaller", 0) = 3 [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5117] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5117] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5117] close(3) = 0 [pid 5117] mkdir("./file0", 0777) = 0 [ 86.232074][ T5117] loop0: detected capacity change from 0 to 8192 [ 86.247924][ T5117] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.261433][ T5117] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 86.270672][ T5117] REISERFS (device loop0): using ordered data mode [ 86.277279][ T5117] reiserfs: using flush barriers [pid 5117] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5117] chdir("./file0") = 0 [pid 5117] ioctl(4, LOOP_CLR_FD) = 0 [pid 5117] close(4) = 0 [pid 5117] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 86.284012][ T5117] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.301230][ T5117] REISERFS (device loop0): checking transaction log (loop0) [ 86.309781][ T5117] REISERFS (device loop0): Using tea hash to sort names [ 86.317723][ T5117] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5117] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5117] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5117] exit_group(0) = ? [pid 5117] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./27/binderfs") = 0 umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./27/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./27") = 0 mkdir("./28", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5119 attached [pid 5119] set_robust_list(0x55555563d760, 24 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5119 [pid 5119] <... set_robust_list resumed>) = 0 [pid 5119] chdir("./28") = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5119] setpgid(0, 0) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5119] write(3, "1000", 4) = 4 [pid 5119] close(3) = 0 [pid 5119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5119] memfd_create("syzkaller", 0) = 3 [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5119] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5119] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5119] close(3) = 0 [pid 5119] mkdir("./file0", 0777) = 0 [ 86.669739][ T5119] loop0: detected capacity change from 0 to 8192 [ 86.680866][ T5119] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.694620][ T5119] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 86.703886][ T5119] REISERFS (device loop0): using ordered data mode [ 86.710515][ T5119] reiserfs: using flush barriers [pid 5119] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5119] chdir("./file0") = 0 [pid 5119] ioctl(4, LOOP_CLR_FD) = 0 [pid 5119] close(4) = 0 [pid 5119] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5119] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5119] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5119] exit_group(0) = ? [pid 5119] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 86.717968][ T5119] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.734790][ T5119] REISERFS (device loop0): checking transaction log (loop0) [ 86.743725][ T5119] REISERFS (device loop0): Using tea hash to sort names [ 86.751055][ T5119] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./28/binderfs") = 0 umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./28/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./28") = 0 mkdir("./29", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5121 attached [pid 5121] set_robust_list(0x55555563d760, 24) = 0 [pid 5121] chdir("./29") = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5121 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5121] setpgid(0, 0) = 0 [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5121] write(3, "1000", 4) = 4 [pid 5121] close(3) = 0 [pid 5121] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5121] memfd_create("syzkaller", 0) = 3 [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [ 87.088283][ T8] cfg80211: failed to load regulatory.db [pid 5121] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5121] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5121] close(3) = 0 [pid 5121] mkdir("./file0", 0777) = 0 [ 87.151582][ T5121] loop0: detected capacity change from 0 to 8192 [ 87.177528][ T5121] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.190572][ T5121] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 87.200305][ T5121] REISERFS (device loop0): using ordered data mode [ 87.207138][ T5121] reiserfs: using flush barriers [ 87.213585][ T5121] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.230218][ T5121] REISERFS (device loop0): checking transaction log (loop0) [ 87.238667][ T5121] REISERFS (device loop0): Using tea hash to sort names [pid 5121] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5121] chdir("./file0") = 0 [pid 5121] ioctl(4, LOOP_CLR_FD) = 0 [pid 5121] close(4) = 0 [pid 5121] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5121] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 87.246077][ T5121] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5121] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5121] exit_group(0) = ? [pid 5121] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./29/binderfs") = 0 umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./29/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./29") = 0 mkdir("./30", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5123 attached , child_tidptr=0x55555563d750) = 5123 [pid 5123] set_robust_list(0x55555563d760, 24) = 0 [pid 5123] chdir("./30") = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5123] setpgid(0, 0) = 0 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5123] write(3, "1000", 4) = 4 [pid 5123] close(3) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5123] memfd_create("syzkaller", 0) = 3 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5123] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5123] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5123] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5123] close(3) = 0 [pid 5123] mkdir("./file0", 0777) = 0 [ 87.624756][ T5123] loop0: detected capacity change from 0 to 8192 [ 87.651243][ T5123] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.664284][ T5123] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 87.673701][ T5123] REISERFS (device loop0): using ordered data mode [ 87.680252][ T5123] reiserfs: using flush barriers [ 87.687024][ T5123] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.703583][ T5123] REISERFS (device loop0): checking transaction log (loop0) [ 87.712383][ T5123] REISERFS (device loop0): Using tea hash to sort names [pid 5123] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5123] chdir("./file0") = 0 [pid 5123] ioctl(4, LOOP_CLR_FD) = 0 [pid 5123] close(4) = 0 [ 87.719679][ T5123] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5123] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5123] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5123] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5123] exit_group(0) = ? [pid 5123] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./30/binderfs") = 0 umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./30/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./30") = 0 mkdir("./31", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5125 attached , child_tidptr=0x55555563d750) = 5125 [pid 5125] set_robust_list(0x55555563d760, 24) = 0 [pid 5125] chdir("./31") = 0 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5125] setpgid(0, 0) = 0 [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5125] write(3, "1000", 4) = 4 [pid 5125] close(3) = 0 [pid 5125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5125] memfd_create("syzkaller", 0) = 3 [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5125] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5125] close(3) = 0 [pid 5125] mkdir("./file0", 0777) = 0 [ 88.082009][ T5125] loop0: detected capacity change from 0 to 8192 [ 88.097939][ T5125] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.111051][ T5125] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 88.120480][ T5125] REISERFS (device loop0): using ordered data mode [ 88.127210][ T5125] reiserfs: using flush barriers [pid 5125] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5125] chdir("./file0") = 0 [pid 5125] ioctl(4, LOOP_CLR_FD) = 0 [pid 5125] close(4) = 0 [pid 5125] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 88.133808][ T5125] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.150585][ T5125] REISERFS (device loop0): checking transaction log (loop0) [ 88.161454][ T5125] REISERFS (device loop0): Using tea hash to sort names [ 88.168944][ T5125] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5125] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5125] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5125] exit_group(0) = ? [pid 5125] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./31/binderfs") = 0 umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./31/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./31") = 0 mkdir("./32", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5127 attached [pid 5127] set_robust_list(0x55555563d760, 24 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5127 [pid 5127] <... set_robust_list resumed>) = 0 [pid 5127] chdir("./32") = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] setpgid(0, 0) = 0 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5127] write(3, "1000", 4) = 4 [pid 5127] close(3) = 0 [pid 5127] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5127] memfd_create("syzkaller", 0) = 3 [pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5127] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5127] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5127] close(3) = 0 [pid 5127] mkdir("./file0", 0777) = 0 [ 88.591857][ T5127] loop0: detected capacity change from 0 to 8192 [ 88.608659][ T5127] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.622061][ T5127] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 88.631523][ T5127] REISERFS (device loop0): using ordered data mode [pid 5127] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5127] chdir("./file0") = 0 [pid 5127] ioctl(4, LOOP_CLR_FD) = 0 [pid 5127] close(4) = 0 [ 88.638098][ T5127] reiserfs: using flush barriers [ 88.645272][ T5127] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.662075][ T5127] REISERFS (device loop0): checking transaction log (loop0) [ 88.670816][ T5127] REISERFS (device loop0): Using tea hash to sort names [ 88.678236][ T5127] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5127] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5127] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5127] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5127] exit_group(0) = ? [pid 5127] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./32/binderfs") = 0 umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./32/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./32") = 0 mkdir("./33", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555563d750) = 5129 ./strace-static-x86_64: Process 5129 attached [pid 5129] set_robust_list(0x55555563d760, 24) = 0 [pid 5129] chdir("./33") = 0 [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5129] setpgid(0, 0) = 0 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5129] write(3, "1000", 4) = 4 [pid 5129] close(3) = 0 [pid 5129] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5129] memfd_create("syzkaller", 0) = 3 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5129] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5129] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5129] close(3) = 0 [pid 5129] mkdir("./file0", 0777) = 0 [ 89.063759][ T5129] loop0: detected capacity change from 0 to 8192 [ 89.074085][ T5129] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.087184][ T5129] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 89.096835][ T5129] REISERFS (device loop0): using ordered data mode [ 89.103994][ T5129] reiserfs: using flush barriers [pid 5129] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5129] chdir("./file0") = 0 [pid 5129] ioctl(4, LOOP_CLR_FD) = 0 [pid 5129] close(4) = 0 [pid 5129] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 89.111343][ T5129] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.128789][ T5129] REISERFS (device loop0): checking transaction log (loop0) [ 89.137827][ T5129] REISERFS (device loop0): Using tea hash to sort names [ 89.145326][ T5129] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5129] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5129] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5129] exit_group(0) = ? [pid 5129] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./33/binderfs") = 0 umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./33/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./33") = 0 mkdir("./34", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5131 attached , child_tidptr=0x55555563d750) = 5131 [pid 5131] set_robust_list(0x55555563d760, 24) = 0 [pid 5131] chdir("./34") = 0 [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5131] setpgid(0, 0) = 0 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5131] write(3, "1000", 4) = 4 [pid 5131] close(3) = 0 [pid 5131] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5131] memfd_create("syzkaller", 0) = 3 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5131] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5131] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5131] close(3) = 0 [pid 5131] mkdir("./file0", 0777) = 0 [ 89.567935][ T5131] loop0: detected capacity change from 0 to 8192 [ 89.593180][ T5131] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.606534][ T5131] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 89.615907][ T5131] REISERFS (device loop0): using ordered data mode [ 89.622585][ T5131] reiserfs: using flush barriers [ 89.629058][ T5131] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.646178][ T5131] REISERFS (device loop0): checking transaction log (loop0) [ 89.654358][ T5131] REISERFS (device loop0): Using tea hash to sort names [pid 5131] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5131] chdir("./file0") = 0 [pid 5131] ioctl(4, LOOP_CLR_FD) = 0 [pid 5131] close(4) = 0 [pid 5131] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 89.661909][ T5131] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5131] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5131] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5131] exit_group(0) = ? [pid 5131] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./34/binderfs") = 0 umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./34/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./34") = 0 mkdir("./35", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5133 attached , child_tidptr=0x55555563d750) = 5133 [pid 5133] set_robust_list(0x55555563d760, 24) = 0 [pid 5133] chdir("./35") = 0 [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5133] setpgid(0, 0) = 0 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5133] write(3, "1000", 4) = 4 [pid 5133] close(3) = 0 [pid 5133] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5133] memfd_create("syzkaller", 0) = 3 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5133] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5133] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5133] close(3) = 0 [pid 5133] mkdir("./file0", 0777) = 0 [ 90.043642][ T5133] loop0: detected capacity change from 0 to 8192 [ 90.059666][ T5133] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.072870][ T5133] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 90.082443][ T5133] REISERFS (device loop0): using ordered data mode [ 90.089172][ T5133] reiserfs: using flush barriers [pid 5133] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5133] chdir("./file0") = 0 [pid 5133] ioctl(4, LOOP_CLR_FD) = 0 [pid 5133] close(4) = 0 [pid 5133] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5133] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 90.095744][ T5133] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.112487][ T5133] REISERFS (device loop0): checking transaction log (loop0) [ 90.121208][ T5133] REISERFS (device loop0): Using tea hash to sort names [ 90.128495][ T5133] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5133] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5133] exit_group(0) = ? [pid 5133] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./35/binderfs") = 0 umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./35/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./35") = 0 mkdir("./36", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5136 attached [pid 5136] set_robust_list(0x55555563d760, 24) = 0 [pid 5136] chdir("./36") = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5136 [pid 5136] <... setpgid resumed>) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5136] memfd_create("syzkaller", 0) = 3 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5136] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5136] close(3) = 0 [pid 5136] mkdir("./file0", 0777) = 0 [ 90.532060][ T5136] loop0: detected capacity change from 0 to 8192 [ 90.547864][ T5136] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.561987][ T5136] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 90.572705][ T5136] REISERFS (device loop0): using ordered data mode [pid 5136] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5136] chdir("./file0") = 0 [pid 5136] ioctl(4, LOOP_CLR_FD) = 0 [pid 5136] close(4) = 0 [pid 5136] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 90.579407][ T5136] reiserfs: using flush barriers [ 90.586294][ T5136] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.603106][ T5136] REISERFS (device loop0): checking transaction log (loop0) [ 90.611634][ T5136] REISERFS (device loop0): Using tea hash to sort names [ 90.619128][ T5136] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5136] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5136] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5136] exit_group(0) = ? [pid 5136] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./36/binderfs") = 0 umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./36/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./36") = 0 mkdir("./37", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5138 attached , child_tidptr=0x55555563d750) = 5138 [pid 5138] set_robust_list(0x55555563d760, 24) = 0 [pid 5138] chdir("./37") = 0 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5138] setpgid(0, 0) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5138] write(3, "1000", 4) = 4 [pid 5138] close(3) = 0 [pid 5138] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5138] memfd_create("syzkaller", 0) = 3 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5138] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5138] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5138] close(3) = 0 [pid 5138] mkdir("./file0", 0777) = 0 [ 90.980414][ T5138] loop0: detected capacity change from 0 to 8192 [ 90.995482][ T5138] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.008936][ T5138] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 91.018419][ T5138] REISERFS (device loop0): using ordered data mode [ 91.025033][ T5138] reiserfs: using flush barriers [pid 5138] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5138] chdir("./file0") = 0 [pid 5138] ioctl(4, LOOP_CLR_FD) = 0 [pid 5138] close(4) = 0 [ 91.031614][ T5138] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.048490][ T5138] REISERFS (device loop0): checking transaction log (loop0) [ 91.057134][ T5138] REISERFS (device loop0): Using tea hash to sort names [ 91.064548][ T5138] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5138] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5138] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5138] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5138] exit_group(0) = ? [pid 5138] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./37/binderfs") = 0 umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./37/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./37") = 0 mkdir("./38", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5140 attached [pid 5140] set_robust_list(0x55555563d760, 24) = 0 [pid 5140] chdir("./38" [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5140 [pid 5140] <... chdir resumed>) = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5140] setpgid(0, 0) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5140] close(3) = 0 [pid 5140] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5140] memfd_create("syzkaller", 0) = 3 [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5140] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5140] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5140] close(3) = 0 [pid 5140] mkdir("./file0", 0777) = 0 [ 91.471532][ T5140] loop0: detected capacity change from 0 to 8192 [ 91.487943][ T5140] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.501075][ T5140] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 91.510582][ T5140] REISERFS (device loop0): using ordered data mode [ 91.517488][ T5140] reiserfs: using flush barriers [pid 5140] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5140] chdir("./file0") = 0 [pid 5140] ioctl(4, LOOP_CLR_FD) = 0 [pid 5140] close(4) = 0 [ 91.523883][ T5140] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.541005][ T5140] REISERFS (device loop0): checking transaction log (loop0) [ 91.549709][ T5140] REISERFS (device loop0): Using tea hash to sort names [ 91.557394][ T5140] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5140] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5140] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5140] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5140] exit_group(0) = ? [pid 5140] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./38/binderfs") = 0 umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./38/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./38") = 0 mkdir("./39", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5142 attached [pid 5142] set_robust_list(0x55555563d760, 24) = 0 [pid 5142] chdir("./39") = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5142 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5142] write(3, "1000", 4) = 4 [pid 5142] close(3) = 0 [pid 5142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5142] memfd_create("syzkaller", 0) = 3 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5142] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5142] close(3) = 0 [pid 5142] mkdir("./file0", 0777) = 0 [ 91.903394][ T5142] loop0: detected capacity change from 0 to 8192 [ 91.918738][ T5142] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.931928][ T5142] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 91.941278][ T5142] REISERFS (device loop0): using ordered data mode [ 91.947998][ T5142] reiserfs: using flush barriers [pid 5142] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5142] chdir("./file0") = 0 [pid 5142] ioctl(4, LOOP_CLR_FD) = 0 [pid 5142] close(4) = 0 [pid 5142] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5142] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 91.954428][ T5142] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.971231][ T5142] REISERFS (device loop0): checking transaction log (loop0) [ 91.979731][ T5142] REISERFS (device loop0): Using tea hash to sort names [ 91.987366][ T5142] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5142] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5142] exit_group(0) = ? [pid 5142] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./39/binderfs") = 0 umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./39/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./39") = 0 mkdir("./40", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5144 attached [pid 5144] set_robust_list(0x55555563d760, 24 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5144 [pid 5144] <... set_robust_list resumed>) = 0 [pid 5144] chdir("./40") = 0 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] setpgid(0, 0) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5144] write(3, "1000", 4) = 4 [pid 5144] close(3) = 0 [pid 5144] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5144] memfd_create("syzkaller", 0) = 3 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5144] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5144] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5144] close(3) = 0 [pid 5144] mkdir("./file0", 0777) = 0 [ 92.372911][ T5144] loop0: detected capacity change from 0 to 8192 [ 92.401722][ T5144] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.414892][ T5144] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 92.424362][ T5144] REISERFS (device loop0): using ordered data mode [ 92.431271][ T5144] reiserfs: using flush barriers [ 92.438029][ T5144] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.454799][ T5144] REISERFS (device loop0): checking transaction log (loop0) [ 92.464050][ T5144] REISERFS (device loop0): Using tea hash to sort names [pid 5144] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5144] chdir("./file0") = 0 [pid 5144] ioctl(4, LOOP_CLR_FD) = 0 [pid 5144] close(4) = 0 [pid 5144] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5144] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5144] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5144] exit_group(0) = ? [ 92.471695][ T5144] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5144] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./40/binderfs") = 0 umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./40/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./40") = 0 mkdir("./41", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5146 attached , child_tidptr=0x55555563d750) = 5146 [pid 5146] set_robust_list(0x55555563d760, 24) = 0 [pid 5146] chdir("./41") = 0 [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5146] setpgid(0, 0) = 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5146] write(3, "1000", 4) = 4 [pid 5146] close(3) = 0 [pid 5146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5146] memfd_create("syzkaller", 0) = 3 [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5146] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5146] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5146] close(3) = 0 [pid 5146] mkdir("./file0", 0777) = 0 [ 92.911435][ T5146] loop0: detected capacity change from 0 to 8192 [ 92.928042][ T5146] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.941070][ T5146] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 92.951475][ T5146] REISERFS (device loop0): using ordered data mode [pid 5146] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5146] chdir("./file0") = 0 [pid 5146] ioctl(4, LOOP_CLR_FD) = 0 [pid 5146] close(4) = 0 [pid 5146] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5146] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5146] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5146] exit_group(0) = ? [ 92.958040][ T5146] reiserfs: using flush barriers [ 92.964884][ T5146] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.981648][ T5146] REISERFS (device loop0): checking transaction log (loop0) [ 92.990515][ T5146] REISERFS (device loop0): Using tea hash to sort names [ 92.998167][ T5146] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5146] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./41/binderfs") = 0 umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./41/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./41") = 0 mkdir("./42", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5148 attached , child_tidptr=0x55555563d750) = 5148 [pid 5148] set_robust_list(0x55555563d760, 24) = 0 [pid 5148] chdir("./42") = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4) = 4 [pid 5148] close(3) = 0 [pid 5148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5148] memfd_create("syzkaller", 0) = 3 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5148] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5148] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5148] close(3) = 0 [pid 5148] mkdir("./file0", 0777) = 0 [ 93.433408][ T5148] loop0: detected capacity change from 0 to 8192 [ 93.454445][ T5148] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.468031][ T5148] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 93.477366][ T5148] REISERFS (device loop0): using ordered data mode [ 93.483881][ T5148] reiserfs: using flush barriers [ 93.491778][ T5148] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.508865][ T5148] REISERFS (device loop0): checking transaction log (loop0) [ 93.517287][ T5148] REISERFS (device loop0): Using tea hash to sort names [ 93.524744][ T5148] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5148] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5148] chdir("./file0") = 0 [pid 5148] ioctl(4, LOOP_CLR_FD) = 0 [pid 5148] close(4) = 0 [pid 5148] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5148] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5148] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5148] exit_group(0) = ? [pid 5148] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./42/binderfs") = 0 umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./42/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./42") = 0 mkdir("./43", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5150 attached [pid 5150] set_robust_list(0x55555563d760, 24) = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5150 [pid 5150] chdir("./43") = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5150] setpgid(0, 0) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [pid 5150] close(3) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5150] memfd_create("syzkaller", 0) = 3 [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5150] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5150] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5150] close(3) = 0 [pid 5150] mkdir("./file0", 0777) = 0 [ 93.938314][ T5150] loop0: detected capacity change from 0 to 8192 [ 93.963477][ T5150] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.976547][ T5150] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 93.985907][ T5150] REISERFS (device loop0): using ordered data mode [ 93.992610][ T5150] reiserfs: using flush barriers [ 93.999313][ T5150] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.017310][ T5150] REISERFS (device loop0): checking transaction log (loop0) [ 94.025945][ T5150] REISERFS (device loop0): Using tea hash to sort names [pid 5150] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5150] chdir("./file0") = 0 [pid 5150] ioctl(4, LOOP_CLR_FD) = 0 [pid 5150] close(4) = 0 [pid 5150] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5150] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5150] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5150] exit_group(0) = ? [pid 5150] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 94.033264][ T5150] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./43/binderfs") = 0 umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./43/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./43") = 0 mkdir("./44", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5152 attached , child_tidptr=0x55555563d750) = 5152 [pid 5152] set_robust_list(0x55555563d760, 24) = 0 [pid 5152] chdir("./44") = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5152] write(3, "1000", 4) = 4 [pid 5152] close(3) = 0 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5152] memfd_create("syzkaller", 0) = 3 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5152] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5152] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5152] close(3) = 0 [pid 5152] mkdir("./file0", 0777) = 0 [ 94.360841][ T5152] loop0: detected capacity change from 0 to 8192 [ 94.371732][ T5152] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.385199][ T5152] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 94.394777][ T5152] REISERFS (device loop0): using ordered data mode [ 94.401430][ T5152] reiserfs: using flush barriers [pid 5152] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5152] chdir("./file0") = 0 [pid 5152] ioctl(4, LOOP_CLR_FD) = 0 [pid 5152] close(4) = 0 [pid 5152] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 94.408212][ T5152] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.424735][ T5152] REISERFS (device loop0): checking transaction log (loop0) [ 94.433205][ T5152] REISERFS (device loop0): Using tea hash to sort names [ 94.440501][ T5152] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5152] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5152] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5152] exit_group(0) = ? [pid 5152] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./44/binderfs") = 0 umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./44/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./44") = 0 mkdir("./45", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5154 attached , child_tidptr=0x55555563d750) = 5154 [pid 5154] set_robust_list(0x55555563d760, 24) = 0 [pid 5154] chdir("./45") = 0 [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5154] setpgid(0, 0) = 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5154] write(3, "1000", 4) = 4 [pid 5154] close(3) = 0 [pid 5154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5154] memfd_create("syzkaller", 0) = 3 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5154] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5154] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5154] close(3) = 0 [pid 5154] mkdir("./file0", 0777) = 0 [ 94.836294][ T5154] loop0: detected capacity change from 0 to 8192 [ 94.852783][ T5154] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.865983][ T5154] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 94.875201][ T5154] REISERFS (device loop0): using ordered data mode [pid 5154] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5154] chdir("./file0") = 0 [pid 5154] ioctl(4, LOOP_CLR_FD) = 0 [pid 5154] close(4) = 0 [pid 5154] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5154] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5154] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 94.882033][ T5154] reiserfs: using flush barriers [ 94.888418][ T5154] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.904952][ T5154] REISERFS (device loop0): checking transaction log (loop0) [ 94.913355][ T5154] REISERFS (device loop0): Using tea hash to sort names [ 94.920765][ T5154] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5154] exit_group(0) = ? [pid 5154] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./45/binderfs") = 0 umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./45/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./45") = 0 mkdir("./46", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5156 attached , child_tidptr=0x55555563d750) = 5156 [pid 5156] set_robust_list(0x55555563d760, 24) = 0 [pid 5156] chdir("./46") = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5156] setpgid(0, 0) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5156] write(3, "1000", 4) = 4 [pid 5156] close(3) = 0 [pid 5156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5156] memfd_create("syzkaller", 0) = 3 [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5156] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5156] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5156] close(3) = 0 [pid 5156] mkdir("./file0", 0777) = 0 [ 95.322056][ T5156] loop0: detected capacity change from 0 to 8192 [ 95.337347][ T5156] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.350646][ T5156] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 95.359937][ T5156] REISERFS (device loop0): using ordered data mode [ 95.366572][ T5156] reiserfs: using flush barriers [pid 5156] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5156] chdir("./file0") = 0 [pid 5156] ioctl(4, LOOP_CLR_FD) = 0 [pid 5156] close(4) = 0 [pid 5156] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 95.372981][ T5156] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.389742][ T5156] REISERFS (device loop0): checking transaction log (loop0) [ 95.397953][ T5156] REISERFS (device loop0): Using tea hash to sort names [ 95.405171][ T5156] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5156] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5156] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5156] exit_group(0) = ? [pid 5156] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./46/binderfs") = 0 umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./46/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./46") = 0 mkdir("./47", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555563d750) = 5158 ./strace-static-x86_64: Process 5158 attached [pid 5158] set_robust_list(0x55555563d760, 24) = 0 [pid 5158] chdir("./47") = 0 [pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5158] setpgid(0, 0) = 0 [pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5158] write(3, "1000", 4) = 4 [pid 5158] close(3) = 0 [pid 5158] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5158] memfd_create("syzkaller", 0) = 3 [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5158] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5158] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5158] close(3) = 0 [pid 5158] mkdir("./file0", 0777) = 0 [ 95.753203][ T5158] loop0: detected capacity change from 0 to 8192 [ 95.779116][ T5158] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.792293][ T5158] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 95.801774][ T5158] REISERFS (device loop0): using ordered data mode [ 95.808448][ T5158] reiserfs: using flush barriers [ 95.814982][ T5158] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.831960][ T5158] REISERFS (device loop0): checking transaction log (loop0) [ 95.840254][ T5158] REISERFS (device loop0): Using tea hash to sort names [pid 5158] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5158] chdir("./file0") = 0 [pid 5158] ioctl(4, LOOP_CLR_FD) = 0 [pid 5158] close(4) = 0 [pid 5158] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 95.848299][ T5158] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5158] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5158] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5158] exit_group(0) = ? [pid 5158] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./47/binderfs") = 0 umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./47/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./47") = 0 mkdir("./48", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5160 attached , child_tidptr=0x55555563d750) = 5160 [pid 5160] set_robust_list(0x55555563d760, 24) = 0 [pid 5160] chdir("./48") = 0 [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5160] setpgid(0, 0) = 0 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5160] write(3, "1000", 4) = 4 [pid 5160] close(3) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5160] memfd_create("syzkaller", 0) = 3 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5160] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5160] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5160] close(3) = 0 [pid 5160] mkdir("./file0", 0777) = 0 [ 96.238619][ T5160] loop0: detected capacity change from 0 to 8192 [ 96.254978][ T5160] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.268902][ T5160] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 96.278171][ T5160] REISERFS (device loop0): using ordered data mode [pid 5160] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5160] chdir("./file0") = 0 [pid 5160] ioctl(4, LOOP_CLR_FD) = 0 [pid 5160] close(4) = 0 [pid 5160] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5160] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5160] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 96.284684][ T5160] reiserfs: using flush barriers [ 96.291578][ T5160] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.308213][ T5160] REISERFS (device loop0): checking transaction log (loop0) [ 96.316832][ T5160] REISERFS (device loop0): Using tea hash to sort names [ 96.324053][ T5160] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5160] exit_group(0) = ? [pid 5160] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./48/binderfs") = 0 umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./48/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./48") = 0 mkdir("./49", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5162 attached [pid 5162] set_robust_list(0x55555563d760, 24 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5162 [pid 5162] <... set_robust_list resumed>) = 0 [pid 5162] chdir("./49") = 0 [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5162] setpgid(0, 0) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5162] write(3, "1000", 4) = 4 [pid 5162] close(3) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5162] memfd_create("syzkaller", 0) = 3 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5162] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5162] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5162] close(3) = 0 [pid 5162] mkdir("./file0", 0777) = 0 [ 96.706908][ T5162] loop0: detected capacity change from 0 to 8192 [ 96.733203][ T5162] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.746224][ T5162] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 96.755796][ T5162] REISERFS (device loop0): using ordered data mode [ 96.762357][ T5162] reiserfs: using flush barriers [ 96.768959][ T5162] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.785906][ T5162] REISERFS (device loop0): checking transaction log (loop0) [ 96.794443][ T5162] REISERFS (device loop0): Using tea hash to sort names [pid 5162] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5162] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5162] chdir("./file0") = 0 [pid 5162] ioctl(4, LOOP_CLR_FD) = 0 [pid 5162] close(4) = 0 [ 96.802248][ T5162] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5162] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5162] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5162] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5162] exit_group(0) = ? [pid 5162] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./49/binderfs") = 0 umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./49/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./49") = 0 mkdir("./50", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5164 attached , child_tidptr=0x55555563d750) = 5164 [pid 5164] set_robust_list(0x55555563d760, 24) = 0 [pid 5164] chdir("./50") = 0 [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5164] setpgid(0, 0) = 0 [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5164] write(3, "1000", 4) = 4 [pid 5164] close(3) = 0 [pid 5164] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5164] memfd_create("syzkaller", 0) = 3 [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5164] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5164] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5164] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5164] close(3) = 0 [pid 5164] mkdir("./file0", 0777) = 0 [ 97.235245][ T5164] loop0: detected capacity change from 0 to 8192 [ 97.262871][ T5164] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.276559][ T5164] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 97.285827][ T5164] REISERFS (device loop0): using ordered data mode [ 97.292328][ T5164] reiserfs: using flush barriers [ 97.299060][ T5164] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.315912][ T5164] REISERFS (device loop0): checking transaction log (loop0) [ 97.324167][ T5164] REISERFS (device loop0): Using tea hash to sort names [pid 5164] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5164] chdir("./file0") = 0 [pid 5164] ioctl(4, LOOP_CLR_FD) = 0 [pid 5164] close(4) = 0 [pid 5164] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5164] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 97.331866][ T5164] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5164] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5164] exit_group(0) = ? [pid 5164] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./50/binderfs") = 0 umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./50/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./50") = 0 mkdir("./51", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5166 attached , child_tidptr=0x55555563d750) = 5166 [pid 5166] set_robust_list(0x55555563d760, 24) = 0 [pid 5166] chdir("./51") = 0 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5166] setpgid(0, 0) = 0 [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5166] write(3, "1000", 4) = 4 [pid 5166] close(3) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5166] memfd_create("syzkaller", 0) = 3 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5166] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5166] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5166] close(3) = 0 [pid 5166] mkdir("./file0", 0777) = 0 [ 97.705812][ T5166] loop0: detected capacity change from 0 to 8192 [ 97.720271][ T5166] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.733678][ T5166] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 97.743115][ T5166] REISERFS (device loop0): using ordered data mode [ 97.749685][ T5166] reiserfs: using flush barriers [pid 5166] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5166] chdir("./file0") = 0 [pid 5166] ioctl(4, LOOP_CLR_FD) = 0 [pid 5166] close(4) = 0 [ 97.756227][ T5166] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.772900][ T5166] REISERFS (device loop0): checking transaction log (loop0) [ 97.781409][ T5166] REISERFS (device loop0): Using tea hash to sort names [ 97.788910][ T5166] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5166] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5166] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5166] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5166] exit_group(0) = ? [pid 5166] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./51/binderfs") = 0 umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./51/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./51") = 0 mkdir("./52", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5168 attached , child_tidptr=0x55555563d750) = 5168 [pid 5168] set_robust_list(0x55555563d760, 24) = 0 [pid 5168] chdir("./52") = 0 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5168] setpgid(0, 0) = 0 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5168] write(3, "1000", 4) = 4 [pid 5168] close(3) = 0 [pid 5168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5168] memfd_create("syzkaller", 0) = 3 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5168] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5168] close(3) = 0 [pid 5168] mkdir("./file0", 0777) = 0 [ 98.146780][ T5168] loop0: detected capacity change from 0 to 8192 [ 98.161500][ T5168] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.175130][ T5168] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 98.184485][ T5168] REISERFS (device loop0): using ordered data mode [ 98.191215][ T5168] reiserfs: using flush barriers [pid 5168] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5168] chdir("./file0") = 0 [pid 5168] ioctl(4, LOOP_CLR_FD) = 0 [pid 5168] close(4) = 0 [pid 5168] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 98.197988][ T5168] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.214865][ T5168] REISERFS (device loop0): checking transaction log (loop0) [ 98.223396][ T5168] REISERFS (device loop0): Using tea hash to sort names [ 98.230844][ T5168] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5168] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5168] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5168] exit_group(0) = ? [pid 5168] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./52/binderfs") = 0 umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./52/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./52") = 0 mkdir("./53", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5170 attached [pid 5170] set_robust_list(0x55555563d760, 24) = 0 [pid 5170] chdir("./53") = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5170 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5170] setpgid(0, 0) = 0 [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5170] write(3, "1000", 4) = 4 [pid 5170] close(3) = 0 [pid 5170] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5170] memfd_create("syzkaller", 0) = 3 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5170] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5170] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5170] close(3) = 0 [pid 5170] mkdir("./file0", 0777) = 0 [ 98.653427][ T5170] loop0: detected capacity change from 0 to 8192 [ 98.668784][ T5170] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.681965][ T5170] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 98.691429][ T5170] REISERFS (device loop0): using ordered data mode [ 98.698557][ T5170] reiserfs: using flush barriers [pid 5170] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5170] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5170] chdir("./file0") = 0 [pid 5170] ioctl(4, LOOP_CLR_FD) = 0 [pid 5170] close(4) = 0 [pid 5170] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 98.704950][ T5170] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.721659][ T5170] REISERFS (device loop0): checking transaction log (loop0) [ 98.729983][ T5170] REISERFS (device loop0): Using tea hash to sort names [ 98.737474][ T5170] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5170] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5170] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5170] exit_group(0) = ? [pid 5170] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./53/binderfs") = 0 umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./53/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./53") = 0 mkdir("./54", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5172 attached , child_tidptr=0x55555563d750) = 5172 [pid 5172] set_robust_list(0x55555563d760, 24) = 0 [pid 5172] chdir("./54") = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5172] setpgid(0, 0) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] write(3, "1000", 4) = 4 [pid 5172] close(3) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5172] memfd_create("syzkaller", 0) = 3 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5172] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5172] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5172] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5172] close(3) = 0 [pid 5172] mkdir("./file0", 0777) = 0 [ 99.053440][ T5172] loop0: detected capacity change from 0 to 8192 [ 99.064033][ T5172] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.077276][ T5172] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 99.086779][ T5172] REISERFS (device loop0): using ordered data mode [ 99.093391][ T5172] reiserfs: using flush barriers [pid 5172] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5172] chdir("./file0") = 0 [pid 5172] ioctl(4, LOOP_CLR_FD) = 0 [pid 5172] close(4) = 0 [pid 5172] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 99.100084][ T5172] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.116729][ T5172] REISERFS (device loop0): checking transaction log (loop0) [ 99.125714][ T5172] REISERFS (device loop0): Using tea hash to sort names [ 99.133019][ T5172] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5172] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5172] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5172] exit_group(0) = ? [pid 5172] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./54/binderfs") = 0 umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./54/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./54") = 0 mkdir("./55", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5174 attached [pid 5174] set_robust_list(0x55555563d760, 24) = 0 [pid 5174] chdir("./55" [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5174 [pid 5174] <... chdir resumed>) = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5174] setpgid(0, 0) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5174] write(3, "1000", 4) = 4 [pid 5174] close(3) = 0 [pid 5174] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5174] memfd_create("syzkaller", 0) = 3 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5174] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5174] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5174] close(3) = 0 [pid 5174] mkdir("./file0", 0777) = 0 [ 99.568684][ T5174] loop0: detected capacity change from 0 to 8192 [ 99.584810][ T5174] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.597915][ T5174] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 99.607174][ T5174] REISERFS (device loop0): using ordered data mode [ 99.613757][ T5174] reiserfs: using flush barriers [pid 5174] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5174] chdir("./file0") = 0 [pid 5174] ioctl(4, LOOP_CLR_FD) = 0 [pid 5174] close(4) = 0 [pid 5174] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5174] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5174] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5174] exit_group(0) = ? [pid 5174] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 99.620450][ T5174] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.637092][ T5174] REISERFS (device loop0): checking transaction log (loop0) [ 99.645486][ T5174] REISERFS (device loop0): Using tea hash to sort names [ 99.652891][ T5174] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./55/binderfs") = 0 umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./55/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./55") = 0 mkdir("./56", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5176 attached , child_tidptr=0x55555563d750) = 5176 [pid 5176] set_robust_list(0x55555563d760, 24) = 0 [pid 5176] chdir("./56") = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5176] setpgid(0, 0) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5176] write(3, "1000", 4) = 4 [pid 5176] close(3) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5176] memfd_create("syzkaller", 0) = 3 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5176] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5176] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5176] close(3) = 0 [pid 5176] mkdir("./file0", 0777) = 0 [ 100.109859][ T5176] loop0: detected capacity change from 0 to 8192 [ 100.120086][ T5176] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.133588][ T5176] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 100.145584][ T5176] REISERFS (device loop0): using ordered data mode [ 100.152138][ T5176] reiserfs: using flush barriers [pid 5176] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5176] chdir("./file0") = 0 [pid 5176] ioctl(4, LOOP_CLR_FD) = 0 [pid 5176] close(4) = 0 [pid 5176] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5176] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 100.158799][ T5176] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.175506][ T5176] REISERFS (device loop0): checking transaction log (loop0) [ 100.183897][ T5176] REISERFS (device loop0): Using tea hash to sort names [ 100.191294][ T5176] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5176] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5176] exit_group(0) = ? [pid 5176] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./56/binderfs") = 0 umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./56/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./56") = 0 mkdir("./57", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5178 attached , child_tidptr=0x55555563d750) = 5178 [pid 5178] set_robust_list(0x55555563d760, 24) = 0 [pid 5178] chdir("./57") = 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5178] setpgid(0, 0) = 0 [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5178] write(3, "1000", 4) = 4 [pid 5178] close(3) = 0 [pid 5178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5178] memfd_create("syzkaller", 0) = 3 [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5178] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5178] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5178] close(3) = 0 [pid 5178] mkdir("./file0", 0777) = 0 [ 100.604252][ T5178] loop0: detected capacity change from 0 to 8192 [ 100.628853][ T5178] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.642817][ T5178] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 100.652683][ T5178] REISERFS (device loop0): using ordered data mode [ 100.659258][ T5178] reiserfs: using flush barriers [ 100.665842][ T5178] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.682805][ T5178] REISERFS (device loop0): checking transaction log (loop0) [ 100.691004][ T5178] REISERFS (device loop0): Using tea hash to sort names [pid 5178] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5178] chdir("./file0") = 0 [pid 5178] ioctl(4, LOOP_CLR_FD) = 0 [pid 5178] close(4) = 0 [ 100.698997][ T5178] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5178] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5178] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5178] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5178] exit_group(0) = ? [pid 5178] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./57/binderfs") = 0 umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./57/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./57") = 0 mkdir("./58", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5180 attached , child_tidptr=0x55555563d750) = 5180 [pid 5180] set_robust_list(0x55555563d760, 24) = 0 [pid 5180] chdir("./58") = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5180] setpgid(0, 0) = 0 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5180] write(3, "1000", 4) = 4 [pid 5180] close(3) = 0 [pid 5180] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5180] memfd_create("syzkaller", 0) = 3 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5180] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5180] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5180] close(3) = 0 [pid 5180] mkdir("./file0", 0777) = 0 [ 101.045813][ T5180] loop0: detected capacity change from 0 to 8192 [ 101.064196][ T5180] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.077251][ T5180] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 101.086487][ T5180] REISERFS (device loop0): using ordered data mode [pid 5180] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5180] chdir("./file0") = 0 [pid 5180] ioctl(4, LOOP_CLR_FD) = 0 [pid 5180] close(4) = 0 [pid 5180] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5180] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5180] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5180] exit_group(0) = ? [ 101.093072][ T5180] reiserfs: using flush barriers [ 101.099788][ T5180] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.116434][ T5180] REISERFS (device loop0): checking transaction log (loop0) [ 101.124769][ T5180] REISERFS (device loop0): Using tea hash to sort names [ 101.132656][ T5180] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5180] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./58/binderfs") = 0 umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./58/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./58") = 0 mkdir("./59", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5182 attached , child_tidptr=0x55555563d750) = 5182 [pid 5182] set_robust_list(0x55555563d760, 24) = 0 [pid 5182] chdir("./59") = 0 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5182] setpgid(0, 0) = 0 [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5182] write(3, "1000", 4) = 4 [pid 5182] close(3) = 0 [pid 5182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5182] memfd_create("syzkaller", 0) = 3 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5182] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5182] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5182] close(3) = 0 [pid 5182] mkdir("./file0", 0777) = 0 [ 101.512671][ T5182] loop0: detected capacity change from 0 to 8192 [ 101.537952][ T5182] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.551159][ T5182] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 101.560489][ T5182] REISERFS (device loop0): using ordered data mode [ 101.567035][ T5182] reiserfs: using flush barriers [ 101.573477][ T5182] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.590345][ T5182] REISERFS (device loop0): checking transaction log (loop0) [ 101.598734][ T5182] REISERFS (device loop0): Using tea hash to sort names [pid 5182] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5182] chdir("./file0") = 0 [pid 5182] ioctl(4, LOOP_CLR_FD) = 0 [pid 5182] close(4) = 0 [pid 5182] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 101.606032][ T5182] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5182] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5182] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5182] exit_group(0) = ? [pid 5182] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./59/binderfs") = 0 umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./59/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./59") = 0 mkdir("./60", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5184 attached , child_tidptr=0x55555563d750) = 5184 [pid 5184] set_robust_list(0x55555563d760, 24) = 0 [pid 5184] chdir("./60") = 0 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5184] setpgid(0, 0) = 0 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5184] write(3, "1000", 4) = 4 [pid 5184] close(3) = 0 [pid 5184] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5184] memfd_create("syzkaller", 0) = 3 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5184] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5184] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5184] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5184] close(3) = 0 [pid 5184] mkdir("./file0", 0777) = 0 [ 102.031346][ T5184] loop0: detected capacity change from 0 to 8192 [ 102.057726][ T5184] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.070874][ T5184] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 102.081165][ T5184] REISERFS (device loop0): using ordered data mode [ 102.087855][ T5184] reiserfs: using flush barriers [ 102.094488][ T5184] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.111650][ T5184] REISERFS (device loop0): checking transaction log (loop0) [ 102.120135][ T5184] REISERFS (device loop0): Using tea hash to sort names [pid 5184] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5184] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5184] chdir("./file0") = 0 [pid 5184] ioctl(4, LOOP_CLR_FD) = 0 [pid 5184] close(4) = 0 [ 102.127831][ T5184] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5184] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5184] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5184] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5184] exit_group(0) = ? [pid 5184] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./60/binderfs") = 0 umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./60/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./60") = 0 mkdir("./61", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5186 attached , child_tidptr=0x55555563d750) = 5186 [pid 5186] set_robust_list(0x55555563d760, 24) = 0 [pid 5186] chdir("./61") = 0 [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5186] setpgid(0, 0) = 0 [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5186] write(3, "1000", 4) = 4 [pid 5186] close(3) = 0 [pid 5186] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5186] memfd_create("syzkaller", 0) = 3 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5186] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5186] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5186] close(3) = 0 [pid 5186] mkdir("./file0", 0777) = 0 [ 102.498577][ T5186] loop0: detected capacity change from 0 to 8192 [ 102.509701][ T5186] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.522754][ T5186] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 102.532469][ T5186] REISERFS (device loop0): using ordered data mode [ 102.539275][ T5186] reiserfs: using flush barriers [pid 5186] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5186] chdir("./file0") = 0 [pid 5186] ioctl(4, LOOP_CLR_FD) = 0 [pid 5186] close(4) = 0 [pid 5186] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5186] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5186] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5186] exit_group(0) = ? [pid 5186] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [ 102.546176][ T5186] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.562850][ T5186] REISERFS (device loop0): checking transaction log (loop0) [ 102.571232][ T5186] REISERFS (device loop0): Using tea hash to sort names [ 102.578997][ T5186] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./61/binderfs") = 0 umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./61/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./61") = 0 mkdir("./62", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5188 attached , child_tidptr=0x55555563d750) = 5188 [pid 5188] set_robust_list(0x55555563d760, 24) = 0 [pid 5188] chdir("./62") = 0 [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5188] setpgid(0, 0) = 0 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5188] write(3, "1000", 4) = 4 [pid 5188] close(3) = 0 [pid 5188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5188] memfd_create("syzkaller", 0) = 3 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5188] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5188] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5188] close(3) = 0 [pid 5188] mkdir("./file0", 0777) = 0 [ 102.937338][ T5188] loop0: detected capacity change from 0 to 8192 [ 102.965825][ T5188] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.979036][ T5188] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 102.988525][ T5188] REISERFS (device loop0): using ordered data mode [ 102.995063][ T5188] reiserfs: using flush barriers [ 103.001866][ T5188] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.018511][ T5188] REISERFS (device loop0): checking transaction log (loop0) [pid 5188] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5188] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5188] chdir("./file0") = 0 [pid 5188] ioctl(4, LOOP_CLR_FD) = 0 [pid 5188] close(4) = 0 [pid 5188] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 103.027444][ T5188] REISERFS (device loop0): Using tea hash to sort names [ 103.038571][ T5188] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5188] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5188] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5188] exit_group(0) = ? [pid 5188] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./62/binderfs") = 0 umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./62/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./62") = 0 mkdir("./63", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5190 attached , child_tidptr=0x55555563d750) = 5190 [pid 5190] set_robust_list(0x55555563d760, 24) = 0 [pid 5190] chdir("./63") = 0 [pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5190] setpgid(0, 0) = 0 [pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5190] write(3, "1000", 4) = 4 [pid 5190] close(3) = 0 [pid 5190] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5190] memfd_create("syzkaller", 0) = 3 [pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5190] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5190] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5190] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5190] close(3) = 0 [pid 5190] mkdir("./file0", 0777) = 0 [ 103.430901][ T5190] loop0: detected capacity change from 0 to 8192 [ 103.450123][ T5190] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.463455][ T5190] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 103.474316][ T5190] REISERFS (device loop0): using ordered data mode [pid 5190] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5190] chdir("./file0") = 0 [pid 5190] ioctl(4, LOOP_CLR_FD) = 0 [pid 5190] close(4) = 0 [ 103.481082][ T5190] reiserfs: using flush barriers [ 103.487802][ T5190] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.504494][ T5190] REISERFS (device loop0): checking transaction log (loop0) [ 103.513181][ T5190] REISERFS (device loop0): Using tea hash to sort names [ 103.520519][ T5190] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5190] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5190] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5190] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5190] exit_group(0) = ? [pid 5190] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./63/binderfs") = 0 umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./63/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./63") = 0 mkdir("./64", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5192 attached , child_tidptr=0x55555563d750) = 5192 [pid 5192] set_robust_list(0x55555563d760, 24) = 0 [pid 5192] chdir("./64") = 0 [pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5192] setpgid(0, 0) = 0 [pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5192] write(3, "1000", 4) = 4 [pid 5192] close(3) = 0 [pid 5192] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5192] memfd_create("syzkaller", 0) = 3 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5192] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5192] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5192] close(3) = 0 [pid 5192] mkdir("./file0", 0777) = 0 [ 103.966491][ T5192] loop0: detected capacity change from 0 to 8192 [ 103.983148][ T5192] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.996453][ T5192] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 104.005799][ T5192] REISERFS (device loop0): using ordered data mode [pid 5192] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5192] chdir("./file0") = 0 [pid 5192] ioctl(4, LOOP_CLR_FD) = 0 [pid 5192] close(4) = 0 [pid 5192] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5192] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5192] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5192] exit_group(0) = ? [pid 5192] +++ exited with 0 +++ [ 104.012334][ T5192] reiserfs: using flush barriers [ 104.018932][ T5192] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.035805][ T5192] REISERFS (device loop0): checking transaction log (loop0) [ 104.044090][ T5192] REISERFS (device loop0): Using tea hash to sort names [ 104.051534][ T5192] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./64/binderfs") = 0 umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./64/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./64") = 0 mkdir("./65", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5194 attached , child_tidptr=0x55555563d750) = 5194 [pid 5194] set_robust_list(0x55555563d760, 24) = 0 [pid 5194] chdir("./65") = 0 [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5194] setpgid(0, 0) = 0 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5194] write(3, "1000", 4) = 4 [pid 5194] close(3) = 0 [pid 5194] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5194] memfd_create("syzkaller", 0) = 3 [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5194] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5194] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5194] close(3) = 0 [pid 5194] mkdir("./file0", 0777) = 0 [ 104.432201][ T5194] loop0: detected capacity change from 0 to 8192 [ 104.448021][ T5194] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.461211][ T5194] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 104.470493][ T5194] REISERFS (device loop0): using ordered data mode [ 104.477152][ T5194] reiserfs: using flush barriers [pid 5194] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5194] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5194] chdir("./file0") = 0 [pid 5194] ioctl(4, LOOP_CLR_FD) = 0 [pid 5194] close(4) = 0 [pid 5194] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5194] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 104.483596][ T5194] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.500319][ T5194] REISERFS (device loop0): checking transaction log (loop0) [ 104.509220][ T5194] REISERFS (device loop0): Using tea hash to sort names [ 104.516726][ T5194] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5194] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5194] exit_group(0) = ? [pid 5194] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./65/binderfs") = 0 umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./65/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./65") = 0 mkdir("./66", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5196 attached , child_tidptr=0x55555563d750) = 5196 [pid 5196] set_robust_list(0x55555563d760, 24) = 0 [pid 5196] chdir("./66") = 0 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5196] setpgid(0, 0) = 0 [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5196] write(3, "1000", 4) = 4 [pid 5196] close(3) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5196] memfd_create("syzkaller", 0) = 3 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5196] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5196] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5196] close(3) = 0 [pid 5196] mkdir("./file0", 0777) = 0 [ 104.892624][ T5196] loop0: detected capacity change from 0 to 8192 [ 104.919159][ T5196] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.932829][ T5196] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 104.942572][ T5196] REISERFS (device loop0): using ordered data mode [ 104.949523][ T5196] reiserfs: using flush barriers [ 104.956838][ T5196] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.973935][ T5196] REISERFS (device loop0): checking transaction log (loop0) [ 104.982918][ T5196] REISERFS (device loop0): Using tea hash to sort names [pid 5196] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5196] chdir("./file0") = 0 [pid 5196] ioctl(4, LOOP_CLR_FD) = 0 [pid 5196] close(4) = 0 [pid 5196] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5196] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5196] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5196] exit_group(0) = ? [ 104.990486][ T5196] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5196] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./66/binderfs") = 0 umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./66/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./66") = 0 mkdir("./67", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5198 attached , child_tidptr=0x55555563d750) = 5198 [pid 5198] set_robust_list(0x55555563d760, 24) = 0 [pid 5198] chdir("./67") = 0 [pid 5198] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5198] setpgid(0, 0) = 0 [pid 5198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5198] write(3, "1000", 4) = 4 [pid 5198] close(3) = 0 [pid 5198] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5198] memfd_create("syzkaller", 0) = 3 [pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5198] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5198] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5198] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5198] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5198] close(3) = 0 [pid 5198] mkdir("./file0", 0777) = 0 [ 105.421490][ T5198] loop0: detected capacity change from 0 to 8192 [ 105.433581][ T5198] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.446756][ T5198] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 105.457020][ T5198] REISERFS (device loop0): using ordered data mode [ 105.463552][ T5198] reiserfs: using flush barriers [pid 5198] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5198] chdir("./file0") = 0 [pid 5198] ioctl(4, LOOP_CLR_FD) = 0 [pid 5198] close(4) = 0 [ 105.470021][ T5198] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.486529][ T5198] REISERFS (device loop0): checking transaction log (loop0) [ 105.494631][ T5198] REISERFS (device loop0): Using tea hash to sort names [ 105.502072][ T5198] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5198] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5198] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5198] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5198] exit_group(0) = ? [pid 5198] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5198, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./67/binderfs") = 0 umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./67/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./67") = 0 mkdir("./68", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5200 attached [pid 5200] set_robust_list(0x55555563d760, 24) = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5200 [pid 5200] chdir("./68") = 0 [pid 5200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5200] setpgid(0, 0) = 0 [pid 5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5200] write(3, "1000", 4) = 4 [pid 5200] close(3) = 0 [pid 5200] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5200] memfd_create("syzkaller", 0) = 3 [pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5200] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5200] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5200] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5200] close(3) = 0 [pid 5200] mkdir("./file0", 0777) = 0 [ 105.945924][ T5200] loop0: detected capacity change from 0 to 8192 [ 105.962305][ T5200] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.976127][ T5200] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 105.985681][ T5200] REISERFS (device loop0): using ordered data mode [pid 5200] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5200] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5200] chdir("./file0") = 0 [pid 5200] ioctl(4, LOOP_CLR_FD) = 0 [pid 5200] close(4) = 0 [pid 5200] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 105.992585][ T5200] reiserfs: using flush barriers [ 105.999324][ T5200] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.016231][ T5200] REISERFS (device loop0): checking transaction log (loop0) [ 106.024275][ T5200] REISERFS (device loop0): Using tea hash to sort names [ 106.032764][ T5200] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5200] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5200] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5200] exit_group(0) = ? [pid 5200] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./68/binderfs") = 0 umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./68/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./68") = 0 mkdir("./69", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5202 attached , child_tidptr=0x55555563d750) = 5202 [pid 5202] set_robust_list(0x55555563d760, 24) = 0 [pid 5202] chdir("./69") = 0 [pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5202] setpgid(0, 0) = 0 [pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5202] write(3, "1000", 4) = 4 [pid 5202] close(3) = 0 [pid 5202] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5202] memfd_create("syzkaller", 0) = 3 [pid 5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5202] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5202] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5202] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5202] close(3) = 0 [pid 5202] mkdir("./file0", 0777) = 0 [ 106.414376][ T5202] loop0: detected capacity change from 0 to 8192 [ 106.430006][ T5202] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.443184][ T5202] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 106.452816][ T5202] REISERFS (device loop0): using ordered data mode [ 106.459513][ T5202] reiserfs: using flush barriers [pid 5202] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5202] chdir("./file0") = 0 [pid 5202] ioctl(4, LOOP_CLR_FD) = 0 [pid 5202] close(4) = 0 [pid 5202] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5202] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 106.466308][ T5202] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.482954][ T5202] REISERFS (device loop0): checking transaction log (loop0) [ 106.491696][ T5202] REISERFS (device loop0): Using tea hash to sort names [ 106.499009][ T5202] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5202] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5202] exit_group(0) = ? [pid 5202] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5202, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./69/binderfs") = 0 umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./69/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./69") = 0 mkdir("./70", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5204 attached [pid 5204] set_robust_list(0x55555563d760, 24) = 0 [pid 5204] chdir("./70" [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5204 [pid 5204] <... chdir resumed>) = 0 [pid 5204] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5204] setpgid(0, 0) = 0 [pid 5204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5204] write(3, "1000", 4) = 4 [pid 5204] close(3) = 0 [pid 5204] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5204] memfd_create("syzkaller", 0) = 3 [pid 5204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5204] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5204] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5204] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5204] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5204] close(3) = 0 [pid 5204] mkdir("./file0", 0777) = 0 [ 106.933639][ T5204] loop0: detected capacity change from 0 to 8192 [ 106.958565][ T5204] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.971758][ T5204] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 106.981249][ T5204] REISERFS (device loop0): using ordered data mode [ 106.987887][ T5204] reiserfs: using flush barriers [ 106.994425][ T5204] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.012078][ T5204] REISERFS (device loop0): checking transaction log (loop0) [ 107.020792][ T5204] REISERFS (device loop0): Using tea hash to sort names [pid 5204] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5204] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5204] chdir("./file0") = 0 [pid 5204] ioctl(4, LOOP_CLR_FD) = 0 [pid 5204] close(4) = 0 [ 107.028179][ T5204] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5204] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5204] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5204] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5204] exit_group(0) = ? [pid 5204] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5204, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./70/binderfs") = 0 umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./70/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./70") = 0 mkdir("./71", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5206 attached , child_tidptr=0x55555563d750) = 5206 [pid 5206] set_robust_list(0x55555563d760, 24) = 0 [pid 5206] chdir("./71") = 0 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5206] setpgid(0, 0) = 0 [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5206] write(3, "1000", 4) = 4 [pid 5206] close(3) = 0 [pid 5206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5206] memfd_create("syzkaller", 0) = 3 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5206] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5206] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5206] close(3) = 0 [pid 5206] mkdir("./file0", 0777) = 0 [ 107.441182][ T5206] loop0: detected capacity change from 0 to 8192 [ 107.457224][ T5206] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.470451][ T5206] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 107.479717][ T5206] REISERFS (device loop0): using ordered data mode [ 107.486363][ T5206] reiserfs: using flush barriers [pid 5206] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5206] chdir("./file0") = 0 [pid 5206] ioctl(4, LOOP_CLR_FD) = 0 [pid 5206] close(4) = 0 [pid 5206] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 107.493150][ T5206] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.509790][ T5206] REISERFS (device loop0): checking transaction log (loop0) [ 107.518400][ T5206] REISERFS (device loop0): Using tea hash to sort names [ 107.525872][ T5206] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5206] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5206] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5206] exit_group(0) = ? [pid 5206] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./71/binderfs") = 0 umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./71/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./71") = 0 mkdir("./72", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5208 attached , child_tidptr=0x55555563d750) = 5208 [pid 5208] set_robust_list(0x55555563d760, 24) = 0 [pid 5208] chdir("./72") = 0 [pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5208] setpgid(0, 0) = 0 [pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5208] write(3, "1000", 4) = 4 [pid 5208] close(3) = 0 [pid 5208] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5208] memfd_create("syzkaller", 0) = 3 [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5208] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5208] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5208] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5208] close(3) = 0 [pid 5208] mkdir("./file0", 0777) = 0 [ 107.973917][ T5208] loop0: detected capacity change from 0 to 8192 [ 107.990693][ T5208] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.003841][ T5208] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 108.013120][ T5208] REISERFS (device loop0): using ordered data mode [pid 5208] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5208] chdir("./file0") = 0 [pid 5208] ioctl(4, LOOP_CLR_FD) = 0 [pid 5208] close(4) = 0 [pid 5208] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5208] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 108.019750][ T5208] reiserfs: using flush barriers [ 108.026702][ T5208] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.043187][ T5208] REISERFS (device loop0): checking transaction log (loop0) [ 108.051715][ T5208] REISERFS (device loop0): Using tea hash to sort names [ 108.059002][ T5208] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5208] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5208] exit_group(0) = ? [pid 5208] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./72/binderfs") = 0 umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./72/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./72") = 0 mkdir("./73", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5210 attached , child_tidptr=0x55555563d750) = 5210 [pid 5210] set_robust_list(0x55555563d760, 24) = 0 [pid 5210] chdir("./73") = 0 [pid 5210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5210] setpgid(0, 0) = 0 [pid 5210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5210] write(3, "1000", 4) = 4 [pid 5210] close(3) = 0 [pid 5210] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5210] memfd_create("syzkaller", 0) = 3 [pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5210] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5210] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5210] close(3) = 0 [pid 5210] mkdir("./file0", 0777) = 0 [ 108.430408][ T5210] loop0: detected capacity change from 0 to 8192 [ 108.455362][ T5210] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.468556][ T5210] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 108.477889][ T5210] REISERFS (device loop0): using ordered data mode [ 108.484422][ T5210] reiserfs: using flush barriers [ 108.491210][ T5210] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.507803][ T5210] REISERFS (device loop0): checking transaction log (loop0) [ 108.518368][ T5210] REISERFS (device loop0): Using tea hash to sort names [pid 5210] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5210] chdir("./file0") = 0 [pid 5210] ioctl(4, LOOP_CLR_FD) = 0 [pid 5210] close(4) = 0 [pid 5210] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5210] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 108.525960][ T5210] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5210] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5210] exit_group(0) = ? [pid 5210] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5210, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./73/binderfs") = 0 umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./73/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./73") = 0 mkdir("./74", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5212 attached , child_tidptr=0x55555563d750) = 5212 [pid 5212] set_robust_list(0x55555563d760, 24) = 0 [pid 5212] chdir("./74") = 0 [pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5212] setpgid(0, 0) = 0 [pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5212] write(3, "1000", 4) = 4 [pid 5212] close(3) = 0 [pid 5212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5212] memfd_create("syzkaller", 0) = 3 [pid 5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5212] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5212] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5212] close(3) = 0 [pid 5212] mkdir("./file0", 0777) = 0 [ 108.870530][ T5212] loop0: detected capacity change from 0 to 8192 [ 108.912859][ T5212] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.926122][ T5212] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 108.935359][ T5212] REISERFS (device loop0): using ordered data mode [ 108.941961][ T5212] reiserfs: using flush barriers [pid 5212] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5212] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5212] chdir("./file0") = 0 [pid 5212] ioctl(4, LOOP_CLR_FD) = 0 [pid 5212] close(4) = 0 [pid 5212] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 108.948555][ T5212] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.965225][ T5212] REISERFS (device loop0): checking transaction log (loop0) [ 108.973439][ T5212] REISERFS (device loop0): Using tea hash to sort names [ 108.980776][ T5212] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 109.036381][ T5212] [ 109.038753][ T5212] ====================================================== [ 109.045941][ T5212] WARNING: possible circular locking dependency detected [ 109.052961][ T5212] 6.7.0-rc7-syzkaller-00027-g505e701c0b2c #0 Not tainted [ 109.059977][ T5212] ------------------------------------------------------ [ 109.066995][ T5212] syz-executor514/5212 is trying to acquire lock: [ 109.073596][ T5212] ffff8880780e3090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0x100 [ 109.082956][ T5212] [ 109.082956][ T5212] but task is already holding lock: [ 109.090319][ T5212] ffff88807d127620 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x15d/0x3c0 [ 109.099453][ T5212] [ 109.099453][ T5212] which lock already depends on the new lock. [ 109.099453][ T5212] [ 109.109902][ T5212] [ 109.109902][ T5212] the existing dependency chain (in reverse order) is: [ 109.118917][ T5212] [ 109.118917][ T5212] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 109.126560][ T5212] __might_fault+0x11f/0x1a0 [ 109.131863][ T5212] reiserfs_ioctl+0x1c4/0x2e0 [ 109.137329][ T5212] __x64_sys_ioctl+0x18f/0x210 [ 109.142712][ T5212] do_syscall_64+0x40/0x110 [ 109.147756][ T5212] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 109.154181][ T5212] [ 109.154181][ T5212] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 109.161479][ T5212] __lock_acquire+0x2433/0x3b20 [ 109.166863][ T5212] lock_acquire+0x1ae/0x520 [ 109.172063][ T5212] __mutex_lock+0x175/0x9d0 [ 109.177100][ T5212] reiserfs_write_lock+0x79/0x100 [ 109.182746][ T5212] reiserfs_dirty_inode+0xe6/0x270 [ 109.188561][ T5212] __mark_inode_dirty+0x1e0/0xd60 [ 109.194107][ T5212] generic_update_time+0xcf/0xf0 [ 109.199614][ T5212] touch_atime+0x4eb/0x5d0 [ 109.204549][ T5212] generic_file_mmap+0x120/0x160 [ 109.210130][ T5212] mmap_region+0x5e3/0x2830 [ 109.215159][ T5212] do_mmap+0x893/0xef0 [ 109.219760][ T5212] vm_mmap_pgoff+0x1a8/0x3c0 [ 109.225049][ T5212] ksys_mmap_pgoff+0x422/0x5b0 [ 109.230451][ T5212] __x64_sys_mmap+0x125/0x190 [ 109.235661][ T5212] do_syscall_64+0x40/0x110 [ 109.240688][ T5212] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 109.247116][ T5212] [ 109.247116][ T5212] other info that might help us debug this: [ 109.247116][ T5212] [ 109.257331][ T5212] Possible unsafe locking scenario: [ 109.257331][ T5212] [ 109.264766][ T5212] CPU0 CPU1 [ 109.270210][ T5212] ---- ---- [ 109.275824][ T5212] lock(&mm->mmap_lock); [ 109.280153][ T5212] lock(&sbi->lock); [ 109.286740][ T5212] lock(&mm->mmap_lock); [ 109.293588][ T5212] lock(&sbi->lock); [ 109.297565][ T5212] [ 109.297565][ T5212] *** DEADLOCK *** [ 109.297565][ T5212] [ 109.305787][ T5212] 2 locks held by syz-executor514/5212: [ 109.311339][ T5212] #0: ffff88807d127620 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x15d/0x3c0 [ 109.320741][ T5212] #1: ffff88801fefe418 (sb_writers#10){.+.+}-{0:0}, at: generic_file_mmap+0x120/0x160 [ 109.330505][ T5212] [ 109.330505][ T5212] stack backtrace: [ 109.336566][ T5212] CPU: 0 PID: 5212 Comm: syz-executor514 Not tainted 6.7.0-rc7-syzkaller-00027-g505e701c0b2c #0 [ 109.347158][ T5212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 109.357404][ T5212] Call Trace: [ 109.360774][ T5212] [ 109.363706][ T5212] dump_stack_lvl+0xd9/0x1b0 [ 109.368342][ T5212] check_noncircular+0x317/0x400 [ 109.373294][ T5212] ? stack_trace_save+0x96/0xd0 [ 109.378151][ T5212] ? print_circular_bug+0x5c0/0x5c0 [ 109.383451][ T5212] ? _find_first_zero_bit+0x94/0xb0 [ 109.388669][ T5212] ? add_lock_to_list+0x17d/0x380 [ 109.393714][ T5212] __lock_acquire+0x2433/0x3b20 [ 109.398583][ T5212] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 109.404569][ T5212] ? _find_first_zero_bit+0x94/0xb0 [ 109.409857][ T5212] lock_acquire+0x1ae/0x520 [ 109.414544][ T5212] ? reiserfs_write_lock+0x79/0x100 [ 109.419737][ T5212] ? lock_sync+0x190/0x190 [ 109.424153][ T5212] ? preempt_count_sub+0x160/0x160 [ 109.429267][ T5212] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 109.435275][ T5212] __mutex_lock+0x175/0x9d0 [ 109.439880][ T5212] ? reiserfs_write_lock+0x79/0x100 [ 109.445374][ T5212] ? reiserfs_write_lock+0x79/0x100 [ 109.450578][ T5212] ? find_held_lock+0x2d/0x110 [ 109.455363][ T5212] ? mutex_trylock+0x130/0x130 [ 109.460311][ T5212] ? timestamp_truncate+0x21f/0x2d0 [ 109.465785][ T5212] ? reiserfs_write_lock+0x79/0x100 [ 109.471064][ T5212] reiserfs_write_lock+0x79/0x100 [ 109.476097][ T5212] reiserfs_dirty_inode+0xe6/0x270 [ 109.481209][ T5212] ? reiserfs_unfreeze+0xa0/0xa0 [ 109.486242][ T5212] ? mode_strip_sgid+0x1c0/0x1c0 [ 109.491195][ T5212] ? reiserfs_unfreeze+0xa0/0xa0 [ 109.496218][ T5212] __mark_inode_dirty+0x1e0/0xd60 [ 109.501340][ T5212] generic_update_time+0xcf/0xf0 [ 109.506282][ T5212] touch_atime+0x4eb/0x5d0 [ 109.510693][ T5212] generic_file_mmap+0x120/0x160 [ 109.515720][ T5212] mmap_region+0x5e3/0x2830 [ 109.520480][ T5212] ? expand_stack+0x4b0/0x4b0 [ 109.525150][ T5212] ? security_mmap_addr+0x84/0xa0 [ 109.530177][ T5212] ? get_unmapped_area+0x2c5/0x3e0 [ 109.535429][ T5212] do_mmap+0x893/0xef0 [ 109.539493][ T5212] vm_mmap_pgoff+0x1a8/0x3c0 [ 109.544098][ T5212] ? randomize_page+0xb0/0xb0 [ 109.549045][ T5212] ? __fget_files+0x1c6/0x340 [ 109.553732][ T5212] ksys_mmap_pgoff+0x422/0x5b0 [ 109.558532][ T5212] ? _raw_spin_unlock_irq+0x2e/0x50 [ 109.563850][ T5212] __x64_sys_mmap+0x125/0x190 [ 109.568632][ T5212] do_syscall_64+0x40/0x110 [ 109.573172][ T5212] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 109.579079][ T5212] RIP: 0033:0x7f8f4c57b5a9 [ 109.583508][ T5212] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 109.603645][ T5212] RSP: 002b:00007ffe1e986d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 109.612062][ T5212] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8f4c57b5a9 [ 109.620073][ T5212] RDX: 0000000000000000 RSI: 0000000000b36000 RDI: 0000000020000000 [ 109.628143][ T5212] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000000 [pid 5212] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5212] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5212] exit_group(0) = ? [pid 5212] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5212, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./74/binderfs") = 0 [ 109.636122][ T5212] R10: 0000000000028011 R11: 0000000000000246 R12: 00007ffe1e986ddc [ 109.644090][ T5212] R13: 000000000000004a R14: 431bde82d7b634db R15: 00007ffe1e986e10 [ 109.652310][ T5212] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./74/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./74") = 0 mkdir("./75", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555563d750) = 5215 ./strace-static-x86_64: Process 5215 attached [pid 5215] set_robust_list(0x55555563d760, 24) = 0 [pid 5215] chdir("./75") = 0 [pid 5215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5215] setpgid(0, 0) = 0 [pid 5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5215] write(3, "1000", 4) = 4 [pid 5215] close(3) = 0 [pid 5215] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5215] memfd_create("syzkaller", 0) = 3 [pid 5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5215] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5215] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5215] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5215] close(3) = 0 [pid 5215] mkdir("./file0", 0777) = 0 [ 109.897968][ T5215] loop0: detected capacity change from 0 to 8192 [ 109.911785][ T5215] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.924944][ T5215] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 109.934277][ T5215] REISERFS (device loop0): using ordered data mode [ 109.941013][ T5215] reiserfs: using flush barriers [pid 5215] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5215] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5215] chdir("./file0") = 0 [pid 5215] ioctl(4, LOOP_CLR_FD) = 0 [pid 5215] close(4) = 0 [pid 5215] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5215] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5215] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5215] exit_group(0) = ? [ 109.947447][ T5215] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.964237][ T5215] REISERFS (device loop0): checking transaction log (loop0) [ 109.972449][ T5215] REISERFS (device loop0): Using tea hash to sort names [ 109.979790][ T5215] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5215] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5215, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./75/binderfs") = 0 umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./75/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./75") = 0 mkdir("./76", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5217 attached [pid 5217] set_robust_list(0x55555563d760, 24) = 0 [pid 5217] chdir("./76") = 0 [pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5217] setpgid(0, 0) = 0 [pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5217 [pid 5217] <... openat resumed>) = 3 [pid 5217] write(3, "1000", 4) = 4 [pid 5217] close(3) = 0 [pid 5217] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5217] memfd_create("syzkaller", 0) = 3 [pid 5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5217] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5217] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5217] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5217] close(3) = 0 [pid 5217] mkdir("./file0", 0777) = 0 [ 110.334649][ T5217] loop0: detected capacity change from 0 to 8192 [ 110.349941][ T5217] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.362993][ T5217] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 110.372887][ T5217] REISERFS (device loop0): using ordered data mode [ 110.379841][ T5217] reiserfs: using flush barriers [pid 5217] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5217] chdir("./file0") = 0 [ 110.386399][ T5217] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.403442][ T5217] REISERFS (device loop0): checking transaction log (loop0) [ 110.411644][ T5217] REISERFS (device loop0): Using tea hash to sort names [ 110.418866][ T5217] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5217] ioctl(4, LOOP_CLR_FD) = 0 [pid 5217] close(4) = 0 [pid 5217] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5217] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5217] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5217] exit_group(0) = ? [pid 5217] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./76/binderfs") = 0 umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./76/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./76") = 0 mkdir("./77", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5219 attached [pid 5219] set_robust_list(0x55555563d760, 24) = 0 [pid 5219] chdir("./77") = 0 [pid 5219] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5219] setpgid(0, 0) = 0 [pid 5219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5219 [pid 5219] <... openat resumed>) = 3 [pid 5219] write(3, "1000", 4) = 4 [pid 5219] close(3) = 0 [pid 5219] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5219] memfd_create("syzkaller", 0) = 3 [pid 5219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5219] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5219] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5219] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5219] close(3) = 0 [pid 5219] mkdir("./file0", 0777) = 0 [ 110.792339][ T5219] loop0: detected capacity change from 0 to 8192 [ 110.807284][ T5219] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.820978][ T5219] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 110.830416][ T5219] REISERFS (device loop0): using ordered data mode [ 110.837093][ T5219] reiserfs: using flush barriers [pid 5219] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5219] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5219] chdir("./file0") = 0 [pid 5219] ioctl(4, LOOP_CLR_FD) = 0 [pid 5219] close(4) = 0 [pid 5219] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 110.843550][ T5219] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.860197][ T5219] REISERFS (device loop0): checking transaction log (loop0) [ 110.868490][ T5219] REISERFS (device loop0): Using tea hash to sort names [ 110.876002][ T5219] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5219] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5219] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5219] exit_group(0) = ? [pid 5219] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5219, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./77/binderfs") = 0 umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./77/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./77") = 0 mkdir("./78", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5222 attached , child_tidptr=0x55555563d750) = 5222 [pid 5222] set_robust_list(0x55555563d760, 24) = 0 [pid 5222] chdir("./78") = 0 [pid 5222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5222] setpgid(0, 0) = 0 [pid 5222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "1000", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5222] memfd_create("syzkaller", 0) = 3 [pid 5222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5222] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5222] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5222] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5222] close(3) = 0 [pid 5222] mkdir("./file0", 0777) = 0 [ 111.286116][ T5222] loop0: detected capacity change from 0 to 8192 [ 111.310878][ T5222] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.324557][ T5222] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 111.333892][ T5222] REISERFS (device loop0): using ordered data mode [ 111.340523][ T5222] reiserfs: using flush barriers [ 111.346870][ T5222] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.364569][ T5222] REISERFS (device loop0): checking transaction log (loop0) [ 111.372880][ T5222] REISERFS (device loop0): Using tea hash to sort names [pid 5222] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5222] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 111.380458][ T5222] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5222] chdir("./file0") = 0 [pid 5222] ioctl(4, LOOP_CLR_FD) = 0 [pid 5222] close(4) = 0 [pid 5222] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5222] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5222] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5222] exit_group(0) = ? [pid 5222] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5222, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./78/binderfs") = 0 umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./78/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./78") = 0 mkdir("./79", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5225 attached [pid 5225] set_robust_list(0x55555563d760, 24) = 0 [pid 5225] chdir("./79" [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5225 [pid 5225] <... chdir resumed>) = 0 [pid 5225] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5225] setpgid(0, 0) = 0 [pid 5225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5225] write(3, "1000", 4) = 4 [pid 5225] close(3) = 0 [pid 5225] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5225] memfd_create("syzkaller", 0) = 3 [pid 5225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5225] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5225] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5225] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5225] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5225] close(3) = 0 [pid 5225] mkdir("./file0", 0777) = 0 [ 111.748966][ T5225] loop0: detected capacity change from 0 to 8192 [ 111.765274][ T5225] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.778674][ T5225] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 111.788425][ T5225] REISERFS (device loop0): using ordered data mode [pid 5225] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5225] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5225] chdir("./file0") = 0 [pid 5225] ioctl(4, LOOP_CLR_FD) = 0 [pid 5225] close(4) = 0 [pid 5225] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 111.795062][ T5225] reiserfs: using flush barriers [ 111.801444][ T5225] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.818709][ T5225] REISERFS (device loop0): checking transaction log (loop0) [ 111.826913][ T5225] REISERFS (device loop0): Using tea hash to sort names [ 111.834373][ T5225] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5225] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5225] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5225] exit_group(0) = ? [pid 5225] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5225, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./79/binderfs") = 0 umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./79/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./79") = 0 mkdir("./80", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5228 attached , child_tidptr=0x55555563d750) = 5228 [pid 5228] set_robust_list(0x55555563d760, 24) = 0 [pid 5228] chdir("./80") = 0 [pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5228] setpgid(0, 0) = 0 [pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5228] write(3, "1000", 4) = 4 [pid 5228] close(3) = 0 [pid 5228] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5228] memfd_create("syzkaller", 0) = 3 [pid 5228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5228] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5228] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5228] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5228] close(3) = 0 [pid 5228] mkdir("./file0", 0777) = 0 [ 112.260692][ T5228] loop0: detected capacity change from 0 to 8192 [ 112.276369][ T5228] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.289822][ T5228] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 112.299549][ T5228] REISERFS (device loop0): using ordered data mode [ 112.306086][ T5228] reiserfs: using flush barriers [pid 5228] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5228] chdir("./file0") = 0 [pid 5228] ioctl(4, LOOP_CLR_FD) = 0 [pid 5228] close(4) = 0 [pid 5228] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 112.312381][ T5228] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.329644][ T5228] REISERFS (device loop0): checking transaction log (loop0) [ 112.338017][ T5228] REISERFS (device loop0): Using tea hash to sort names [ 112.345234][ T5228] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5228] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5228] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5228] exit_group(0) = ? [pid 5228] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./80/binderfs") = 0 umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./80/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./80") = 0 mkdir("./81", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5230 attached , child_tidptr=0x55555563d750) = 5230 [pid 5230] set_robust_list(0x55555563d760, 24) = 0 [pid 5230] chdir("./81") = 0 [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5230] setpgid(0, 0) = 0 [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5230] write(3, "1000", 4) = 4 [pid 5230] close(3) = 0 [pid 5230] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5230] memfd_create("syzkaller", 0) = 3 [pid 5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5230] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5230] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5230] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5230] close(3) = 0 [pid 5230] mkdir("./file0", 0777) = 0 [ 112.652281][ T5230] loop0: detected capacity change from 0 to 8192 [ 112.665817][ T5230] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.679576][ T5230] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 112.689015][ T5230] REISERFS (device loop0): using ordered data mode [ 112.695767][ T5230] reiserfs: using flush barriers [pid 5230] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5230] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5230] chdir("./file0") = 0 [pid 5230] ioctl(4, LOOP_CLR_FD) = 0 [pid 5230] close(4) = 0 [ 112.702245][ T5230] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.718898][ T5230] REISERFS (device loop0): checking transaction log (loop0) [ 112.727109][ T5230] REISERFS (device loop0): Using tea hash to sort names [ 112.734699][ T5230] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5230] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5230] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5230] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5230] exit_group(0) = ? [pid 5230] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./81/binderfs") = 0 umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./81/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./81") = 0 mkdir("./82", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5232 attached [pid 5232] set_robust_list(0x55555563d760, 24) = 0 [pid 5232] chdir("./82") = 0 [pid 5232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5232] setpgid(0, 0) = 0 [pid 5232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5232 [pid 5232] <... openat resumed>) = 3 [pid 5232] write(3, "1000", 4) = 4 [pid 5232] close(3) = 0 [pid 5232] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5232] memfd_create("syzkaller", 0) = 3 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5232] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5232] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5232] close(3) = 0 [pid 5232] mkdir("./file0", 0777) = 0 [ 113.061004][ T5232] loop0: detected capacity change from 0 to 8192 [ 113.074311][ T5232] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.087897][ T5232] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 113.097232][ T5232] REISERFS (device loop0): using ordered data mode [ 113.103734][ T5232] reiserfs: using flush barriers [pid 5232] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5232] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5232] chdir("./file0") = 0 [pid 5232] ioctl(4, LOOP_CLR_FD) = 0 [pid 5232] close(4) = 0 [pid 5232] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 113.110161][ T5232] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.127044][ T5232] REISERFS (device loop0): checking transaction log (loop0) [ 113.135236][ T5232] REISERFS (device loop0): Using tea hash to sort names [ 113.142604][ T5232] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5232] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5232] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5232] exit_group(0) = ? [pid 5232] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5232, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./82/binderfs") = 0 umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./82/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./82") = 0 mkdir("./83", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555563d750) = 5236 ./strace-static-x86_64: Process 5236 attached [pid 5236] set_robust_list(0x55555563d760, 24) = 0 [pid 5236] chdir("./83") = 0 [pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5236] setpgid(0, 0) = 0 [pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5236] write(3, "1000", 4) = 4 [pid 5236] close(3) = 0 [pid 5236] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5236] memfd_create("syzkaller", 0) = 3 [pid 5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5236] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5236] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5236] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5236] close(3) = 0 [pid 5236] mkdir("./file0", 0777) = 0 [ 113.611012][ T5236] loop0: detected capacity change from 0 to 8192 [ 113.620983][ T5236] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.634793][ T5236] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 113.644106][ T5236] REISERFS (device loop0): using ordered data mode [ 113.650815][ T5236] reiserfs: using flush barriers [pid 5236] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5236] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5236] chdir("./file0") = 0 [pid 5236] ioctl(4, LOOP_CLR_FD) = 0 [pid 5236] close(4) = 0 [pid 5236] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5236] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 113.657236][ T5236] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.673716][ T5236] REISERFS (device loop0): checking transaction log (loop0) [ 113.681818][ T5236] REISERFS (device loop0): Using tea hash to sort names [ 113.689305][ T5236] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5236] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5236] exit_group(0) = ? [pid 5236] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./83/binderfs") = 0 umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./83/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./83") = 0 mkdir("./84", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5238 attached , child_tidptr=0x55555563d750) = 5238 [pid 5238] set_robust_list(0x55555563d760, 24) = 0 [pid 5238] chdir("./84") = 0 [pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5238] setpgid(0, 0) = 0 [pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5238] write(3, "1000", 4) = 4 [pid 5238] close(3) = 0 [pid 5238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5238] memfd_create("syzkaller", 0) = 3 [pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5238] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5238] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5238] close(3) = 0 [pid 5238] mkdir("./file0", 0777) = 0 [ 114.066732][ T5238] loop0: detected capacity change from 0 to 8192 [ 114.076740][ T5238] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.089831][ T5238] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 114.099553][ T5238] REISERFS (device loop0): using ordered data mode [ 114.106247][ T5238] reiserfs: using flush barriers [pid 5238] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5238] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5238] chdir("./file0") = 0 [pid 5238] ioctl(4, LOOP_CLR_FD) = 0 [pid 5238] close(4) = 0 [pid 5238] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5238] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5238] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 114.112723][ T5238] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.129257][ T5238] REISERFS (device loop0): checking transaction log (loop0) [ 114.137557][ T5238] REISERFS (device loop0): Using tea hash to sort names [ 114.144776][ T5238] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5238] exit_group(0) = ? [pid 5238] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./84/binderfs") = 0 umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./84/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./84") = 0 mkdir("./85", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5240 attached , child_tidptr=0x55555563d750) = 5240 [pid 5240] set_robust_list(0x55555563d760, 24) = 0 [pid 5240] chdir("./85") = 0 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5240] setpgid(0, 0) = 0 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5240] write(3, "1000", 4) = 4 [pid 5240] close(3) = 0 [pid 5240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5240] memfd_create("syzkaller", 0) = 3 [pid 5240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5240] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5240] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5240] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5240] close(3) = 0 [pid 5240] mkdir("./file0", 0777) = 0 [ 114.508594][ T5240] loop0: detected capacity change from 0 to 8192 [ 114.518664][ T5240] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.531894][ T5240] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 114.541156][ T5240] REISERFS (device loop0): using ordered data mode [ 114.547717][ T5240] reiserfs: using flush barriers [pid 5240] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5240] chdir("./file0") = 0 [pid 5240] ioctl(4, LOOP_CLR_FD) = 0 [pid 5240] close(4) = 0 [pid 5240] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 114.553974][ T5240] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.570869][ T5240] REISERFS (device loop0): checking transaction log (loop0) [ 114.578889][ T5240] REISERFS (device loop0): Using tea hash to sort names [ 114.586497][ T5240] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5240] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5240] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5240] exit_group(0) = ? [pid 5240] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./85/binderfs") = 0 umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./85/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./85") = 0 mkdir("./86", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5242 attached , child_tidptr=0x55555563d750) = 5242 [pid 5242] set_robust_list(0x55555563d760, 24) = 0 [pid 5242] chdir("./86") = 0 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5242] setpgid(0, 0) = 0 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5242] write(3, "1000", 4) = 4 [pid 5242] close(3) = 0 [pid 5242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5242] memfd_create("syzkaller", 0) = 3 [pid 5242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5242] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5242] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5242] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5242] close(3) = 0 [pid 5242] mkdir("./file0", 0777) = 0 [ 114.931611][ T5242] loop0: detected capacity change from 0 to 8192 [ 114.941565][ T5242] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.954958][ T5242] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 114.964460][ T5242] REISERFS (device loop0): using ordered data mode [ 114.971348][ T5242] reiserfs: using flush barriers [pid 5242] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5242] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5242] chdir("./file0") = 0 [pid 5242] ioctl(4, LOOP_CLR_FD) = 0 [pid 5242] close(4) = 0 [pid 5242] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 114.978136][ T5242] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.994831][ T5242] REISERFS (device loop0): checking transaction log (loop0) [ 115.003825][ T5242] REISERFS (device loop0): Using tea hash to sort names [ 115.011558][ T5242] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5242] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5242] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5242] exit_group(0) = ? [pid 5242] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./86/binderfs") = 0 umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./86/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./86") = 0 mkdir("./87", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5244 attached [pid 5244] set_robust_list(0x55555563d760, 24) = 0 [pid 5244] chdir("./87") = 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5244 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5244] setpgid(0, 0) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 [pid 5244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5244] memfd_create("syzkaller", 0) = 3 [pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5244] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5244] close(3) = 0 [pid 5244] mkdir("./file0", 0777) = 0 [ 115.302048][ T5244] loop0: detected capacity change from 0 to 8192 [ 115.311578][ T5244] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.324637][ T5244] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 115.333907][ T5244] REISERFS (device loop0): using ordered data mode [ 115.340463][ T5244] reiserfs: using flush barriers [pid 5244] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5244] chdir("./file0") = 0 [pid 5244] ioctl(4, LOOP_CLR_FD) = 0 [pid 5244] close(4) = 0 [pid 5244] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5244] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5244] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 115.347125][ T5244] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.363752][ T5244] REISERFS (device loop0): checking transaction log (loop0) [ 115.372055][ T5244] REISERFS (device loop0): Using tea hash to sort names [ 115.379335][ T5244] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5244] exit_group(0) = ? [pid 5244] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./87/binderfs") = 0 umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./87/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./87") = 0 mkdir("./88", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5246 attached , child_tidptr=0x55555563d750) = 5246 [pid 5246] set_robust_list(0x55555563d760, 24) = 0 [pid 5246] chdir("./88") = 0 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5246] setpgid(0, 0) = 0 [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5246] write(3, "1000", 4) = 4 [pid 5246] close(3) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5246] memfd_create("syzkaller", 0) = 3 [pid 5246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5246] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5246] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5246] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5246] close(3) = 0 [pid 5246] mkdir("./file0", 0777) = 0 [ 115.723187][ T5246] loop0: detected capacity change from 0 to 8192 [ 115.738394][ T5246] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.751672][ T5246] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 115.761115][ T5246] REISERFS (device loop0): using ordered data mode [pid 5246] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5246] chdir("./file0") = 0 [pid 5246] ioctl(4, LOOP_CLR_FD) = 0 [pid 5246] close(4) = 0 [pid 5246] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 115.767749][ T5246] reiserfs: using flush barriers [ 115.777106][ T5246] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.794364][ T5246] REISERFS (device loop0): checking transaction log (loop0) [ 115.802738][ T5246] REISERFS (device loop0): Using tea hash to sort names [ 115.810026][ T5246] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5246] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5246] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5246] exit_group(0) = ? [pid 5246] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5246, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./88/binderfs") = 0 umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./88/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./88") = 0 mkdir("./89", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5248 attached , child_tidptr=0x55555563d750) = 5248 [pid 5248] set_robust_list(0x55555563d760, 24) = 0 [pid 5248] chdir("./89") = 0 [pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5248] setpgid(0, 0) = 0 [pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5248] write(3, "1000", 4) = 4 [pid 5248] close(3) = 0 [pid 5248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5248] memfd_create("syzkaller", 0) = 3 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5248] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5248] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5248] close(3) = 0 [pid 5248] mkdir("./file0", 0777) = 0 [ 116.212259][ T5248] loop0: detected capacity change from 0 to 8192 [ 116.226030][ T5248] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.239262][ T5248] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 116.248518][ T5248] REISERFS (device loop0): using ordered data mode [ 116.255071][ T5248] reiserfs: using flush barriers [pid 5248] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5248] chdir("./file0") = 0 [pid 5248] ioctl(4, LOOP_CLR_FD) = 0 [pid 5248] close(4) = 0 [pid 5248] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5248] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5248] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5248] exit_group(0) = ? [pid 5248] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5248, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [ 116.261769][ T5248] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.278385][ T5248] REISERFS (device loop0): checking transaction log (loop0) [ 116.286644][ T5248] REISERFS (device loop0): Using tea hash to sort names [ 116.293956][ T5248] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./89/binderfs") = 0 umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./89/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./89") = 0 mkdir("./90", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5250 attached , child_tidptr=0x55555563d750) = 5250 [pid 5250] set_robust_list(0x55555563d760, 24) = 0 [pid 5250] chdir("./90") = 0 [pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5250] setpgid(0, 0) = 0 [pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5250] write(3, "1000", 4) = 4 [pid 5250] close(3) = 0 [pid 5250] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5250] memfd_create("syzkaller", 0) = 3 [pid 5250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5250] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5250] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5250] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5250] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5250] close(3) = 0 [pid 5250] mkdir("./file0", 0777) = 0 [ 116.648344][ T5250] loop0: detected capacity change from 0 to 8192 [ 116.661953][ T5250] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.675013][ T5250] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 116.685042][ T5250] REISERFS (device loop0): using ordered data mode [ 116.691591][ T5250] reiserfs: using flush barriers [pid 5250] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5250] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5250] chdir("./file0") = 0 [pid 5250] ioctl(4, LOOP_CLR_FD) = 0 [pid 5250] close(4) = 0 [pid 5250] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5250] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 116.697866][ T5250] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.714453][ T5250] REISERFS (device loop0): checking transaction log (loop0) [ 116.722661][ T5250] REISERFS (device loop0): Using tea hash to sort names [ 116.729887][ T5250] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5250] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5250] exit_group(0) = ? [pid 5250] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5250, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./90/binderfs") = 0 umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./90/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./90") = 0 mkdir("./91", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5252 attached [pid 5252] set_robust_list(0x55555563d760, 24) = 0 [pid 5252] chdir("./91") = 0 [pid 5252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5252] setpgid(0, 0) = 0 [pid 5252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5252 [pid 5252] write(3, "1000", 4) = 4 [pid 5252] close(3) = 0 [pid 5252] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5252] memfd_create("syzkaller", 0) = 3 [pid 5252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5252] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5252] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5252] close(3) = 0 [pid 5252] mkdir("./file0", 0777) = 0 [ 117.057449][ T5252] loop0: detected capacity change from 0 to 8192 [ 117.082017][ T5252] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.095165][ T5252] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 117.104622][ T5252] REISERFS (device loop0): using ordered data mode [ 117.111197][ T5252] reiserfs: using flush barriers [ 117.117581][ T5252] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.134037][ T5252] REISERFS (device loop0): checking transaction log (loop0) [ 117.142531][ T5252] REISERFS (device loop0): Using tea hash to sort names [pid 5252] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5252] chdir("./file0") = 0 [pid 5252] ioctl(4, LOOP_CLR_FD) = 0 [pid 5252] close(4) = 0 [ 117.150687][ T5252] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5252] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5252] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5252] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5252] exit_group(0) = ? [pid 5252] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5252, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./91/binderfs") = 0 umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./91/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./91") = 0 mkdir("./92", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5254 attached [pid 5254] set_robust_list(0x55555563d760, 24) = 0 [pid 5254] chdir("./92") = 0 [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5254] setpgid(0, 0 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5254 [pid 5254] <... setpgid resumed>) = 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5254] write(3, "1000", 4) = 4 [pid 5254] close(3) = 0 [pid 5254] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5254] memfd_create("syzkaller", 0) = 3 [pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5254] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5254] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5254] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5254] close(3) = 0 [pid 5254] mkdir("./file0", 0777) = 0 [ 117.510849][ T5254] loop0: detected capacity change from 0 to 8192 [ 117.530586][ T5254] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.544008][ T5254] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 117.553412][ T5254] REISERFS (device loop0): using ordered data mode [pid 5254] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5254] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5254] chdir("./file0") = 0 [pid 5254] ioctl(4, LOOP_CLR_FD) = 0 [pid 5254] close(4) = 0 [pid 5254] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 117.559990][ T5254] reiserfs: using flush barriers [ 117.566459][ T5254] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.583155][ T5254] REISERFS (device loop0): checking transaction log (loop0) [ 117.591533][ T5254] REISERFS (device loop0): Using tea hash to sort names [ 117.598852][ T5254] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5254] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5254] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5254] exit_group(0) = ? [pid 5254] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5254, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./92/binderfs") = 0 umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./92/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./92") = 0 mkdir("./93", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5256 attached [pid 5256] set_robust_list(0x55555563d760, 24) = 0 [pid 5256] chdir("./93") = 0 [pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5256] setpgid(0, 0) = 0 [pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5256 [pid 5256] write(3, "1000", 4) = 4 [pid 5256] close(3) = 0 [pid 5256] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5256] memfd_create("syzkaller", 0) = 3 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5256] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5256] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5256] close(3) = 0 [pid 5256] mkdir("./file0", 0777) = 0 [ 117.933247][ T5256] loop0: detected capacity change from 0 to 8192 [ 117.947785][ T5256] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.960848][ T5256] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 117.970809][ T5256] REISERFS (device loop0): using ordered data mode [ 117.977521][ T5256] reiserfs: using flush barriers [pid 5256] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5256] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5256] chdir("./file0") = 0 [pid 5256] ioctl(4, LOOP_CLR_FD) = 0 [ 117.983793][ T5256] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.000408][ T5256] REISERFS (device loop0): checking transaction log (loop0) [ 118.009029][ T5256] REISERFS (device loop0): Using tea hash to sort names [ 118.016349][ T5256] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5256] close(4) = 0 [pid 5256] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5256] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5256] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5256] exit_group(0) = ? [pid 5256] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./93/binderfs") = 0 umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./93/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./93") = 0 mkdir("./94", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5258 attached [pid 5258] set_robust_list(0x55555563d760, 24) = 0 [pid 5258] chdir("./94") = 0 [pid 5258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5258] setpgid(0, 0) = 0 [pid 5258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5258 [pid 5258] <... openat resumed>) = 3 [pid 5258] write(3, "1000", 4) = 4 [pid 5258] close(3) = 0 [pid 5258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5258] memfd_create("syzkaller", 0) = 3 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5258] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5258] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5258] close(3) = 0 [pid 5258] mkdir("./file0", 0777) = 0 [ 118.414256][ T5258] loop0: detected capacity change from 0 to 8192 [ 118.430435][ T5258] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.443657][ T5258] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 118.452899][ T5258] REISERFS (device loop0): using ordered data mode [ 118.459456][ T5258] reiserfs: using flush barriers [pid 5258] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5258] chdir("./file0") = 0 [pid 5258] ioctl(4, LOOP_CLR_FD) = 0 [pid 5258] close(4) = 0 [pid 5258] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 118.465696][ T5258] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.482351][ T5258] REISERFS (device loop0): checking transaction log (loop0) [ 118.490578][ T5258] REISERFS (device loop0): Using tea hash to sort names [ 118.497873][ T5258] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5258] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5258] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5258] exit_group(0) = ? [pid 5258] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5258, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./94/binderfs") = 0 umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./94/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./94") = 0 mkdir("./95", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5260 attached , child_tidptr=0x55555563d750) = 5260 [pid 5260] set_robust_list(0x55555563d760, 24) = 0 [pid 5260] chdir("./95") = 0 [pid 5260] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5260] setpgid(0, 0) = 0 [pid 5260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5260] write(3, "1000", 4) = 4 [pid 5260] close(3) = 0 [pid 5260] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5260] memfd_create("syzkaller", 0) = 3 [pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000 [pid 5260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5260] munmap(0x7f8f4413c000, 138412032) = 0 [pid 5260] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5260] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5260] close(3) = 0 [pid 5260] mkdir("./file0", 0777) = 0 [ 118.794180][ T5260] loop0: detected capacity change from 0 to 8192 [ 118.807603][ T5260] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.820625][ T5260] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 118.829999][ T5260] REISERFS (device loop0): using ordered data mode [ 118.836667][ T5260] reiserfs: using flush barriers [pid 5260] mount("/dev/loop0", "./file0", "reiserfs", MS_NODEV|MS_SILENT|MS_I_VERSION, "") = 0 [pid 5260] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5260] chdir("./file0") = 0 [pid 5260] ioctl(4, LOOP_CLR_FD) = 0 [pid 5260] close(4) = 0 [pid 5260] openat(AT_FDCWD, "blkio.bfq.idle_time", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5260] mmap(0x20000000, 11755520, PROT_NONE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5260] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5260] exit_group(0) = ? [ 118.842860][ T5260] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.859630][ T5260] REISERFS (device loop0): checking transaction log (loop0) [ 118.867650][ T5260] REISERFS (device loop0): Using tea hash to sort names [ 118.874910][ T5260] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5260] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5260, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55555563e7f0 /* 4 entries */, 32768) = 112 umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./95/binderfs") = 0 umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555555646830 /* 2 entries */, 32768) = 48 getdents64(4, 0x555555646830 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./95/file0") = 0 getdents64(3, 0x55555563e7f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./95") = 0 mkdir("./96", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5262 attached [pid 5262] set_robust_list(0x55555563d760, 24) = 0 [pid 5262] chdir("./96") = 0 [pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5262] setpgid(0, 0) = 0 [pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... clone resumed>, child_tidptr=0x55555563d750) = 5262 [pid 5262] <... openat resumed>) = 3 [pid 5262] write(3, "1000", 4) = 4 [pid 5262] close(3) = 0 [pid 5262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5262] memfd_create("syzkaller", 0) = 3 [pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8f4413c000