./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2381265724 <...> Warning: Permanently added '10.128.0.98' (ED25519) to the list of known hosts. execve("./syz-executor2381265724", ["./syz-executor2381265724"], 0x7ffee3fb88a0 /* 10 vars */) = 0 brk(NULL) = 0x5555565f3000 brk(0x5555565f3d00) = 0x5555565f3d00 arch_prctl(ARCH_SET_FS, 0x5555565f3380) = 0 set_tid_address(0x5555565f3650) = 5059 set_robust_list(0x5555565f3660, 24) = 0 rseq(0x5555565f3ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2381265724", 4096) = 28 getrandom("\xfc\xc5\x5a\x8c\x72\x07\xac\x1e", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555565f3d00 brk(0x555556614d00) = 0x555556614d00 brk(0x555556615000) = 0x555556615000 mprotect(0x7f7545522000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5060 attached [pid 5060] set_robust_list(0x5555565f3660, 24 [pid 5059] <... clone resumed>, child_tidptr=0x5555565f3650) = 5060 [pid 5060] <... set_robust_list resumed>) = 0 [pid 5059] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] mkdir("./syzkaller.3r9gI5", 0700./strace-static-x86_64: Process 5061 attached [pid 5061] set_robust_list(0x5555565f3660, 24 [pid 5059] <... clone resumed>, child_tidptr=0x5555565f3650) = 5061 [pid 5060] <... mkdir resumed>) = 0 [pid 5059] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5061] <... set_robust_list resumed>) = 0 [pid 5060] chmod("./syzkaller.3r9gI5", 0777 [pid 5061] mkdir("./syzkaller.pQ5R1z", 0700./strace-static-x86_64: Process 5062 attached [pid 5060] <... chmod resumed>) = 0 [pid 5059] <... clone resumed>, child_tidptr=0x5555565f3650) = 5062 [pid 5062] set_robust_list(0x5555565f3660, 24 [pid 5061] <... mkdir resumed>) = 0 [pid 5060] chdir("./syzkaller.3r9gI5" [pid 5059] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] <... set_robust_list resumed>) = 0 [pid 5061] chmod("./syzkaller.pQ5R1z", 0777 [pid 5060] <... chdir resumed>) = 0 [pid 5062] mkdir("./syzkaller.WLy5Xn", 0700 [pid 5061] <... chmod resumed>) = 0 [pid 5060] mkdir("./0", 0777./strace-static-x86_64: Process 5063 attached [pid 5059] <... clone resumed>, child_tidptr=0x5555565f3650) = 5063 [pid 5061] chdir("./syzkaller.pQ5R1z" [pid 5059] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] set_robust_list(0x5555565f3660, 24 [pid 5062] <... mkdir resumed>) = 0 [pid 5061] <... chdir resumed>) = 0 [pid 5060] <... mkdir resumed>) = 0 [pid 5061] mkdir("./0", 0777 [pid 5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5064 attached [pid 5063] <... set_robust_list resumed>) = 0 [pid 5062] chmod("./syzkaller.WLy5Xn", 0777 [pid 5060] <... openat resumed>) = 3 [pid 5060] ioctl(3, LOOP_CLR_FD [pid 5059] <... clone resumed>, child_tidptr=0x5555565f3650) = 5064 [pid 5064] set_robust_list(0x5555565f3660, 24 [pid 5063] mkdir("./syzkaller.hTGzfh", 0700 [pid 5062] <... chmod resumed>) = 0 [pid 5060] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5060] close(3 [pid 5059] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... set_robust_list resumed>) = 0 [pid 5063] <... mkdir resumed>) = 0 [pid 5062] chdir("./syzkaller.WLy5Xn" [pid 5061] <... mkdir resumed>) = 0 [pid 5060] <... close resumed>) = 0 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached [pid 5064] mkdir("./syzkaller.hJEt6c", 0700 [pid 5063] chmod("./syzkaller.hTGzfh", 0777 [pid 5062] <... chdir resumed>) = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5066 attached [pid 5059] <... clone resumed>, child_tidptr=0x5555565f3650) = 5065 [pid 5065] set_robust_list(0x5555565f3660, 24 [pid 5064] <... mkdir resumed>) = 0 [pid 5063] <... chmod resumed>) = 0 [pid 5062] mkdir("./0", 0777 [pid 5061] <... openat resumed>) = 3 [pid 5065] <... set_robust_list resumed>) = 0 [pid 5063] chdir("./syzkaller.hTGzfh") = 0 [pid 5061] ioctl(3, LOOP_CLR_FD [pid 5064] chmod("./syzkaller.hJEt6c", 0777 [pid 5063] mkdir("./0", 0777 [pid 5065] mkdir("./syzkaller.4OM7XH", 0700 [pid 5064] <... chmod resumed>) = 0 [pid 5063] <... mkdir resumed>) = 0 [pid 5061] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] set_robust_list(0x5555565f3660, 24 [pid 5062] <... mkdir resumed>) = 0 [pid 5061] close(3 [pid 5066] <... set_robust_list resumed>) = 0 [pid 5064] chdir("./syzkaller.hJEt6c" [pid 5061] <... close resumed>) = 0 [pid 5066] chdir("./0" [pid 5065] <... mkdir resumed>) = 0 [pid 5064] <... chdir resumed>) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5062] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] mkdir("./0", 0777 [pid 5060] <... clone resumed>, child_tidptr=0x5555565f3650) = 5066 [pid 5064] <... mkdir resumed>) = 0 [pid 5065] chmod("./syzkaller.4OM7XH", 0777) = 0 [pid 5065] chdir("./syzkaller.4OM7XH") = 0 [pid 5065] mkdir("./0", 0777 [pid 5064] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] <... chdir resumed>) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5063] <... openat resumed>) = 3 [pid 5062] <... openat resumed>) = 3 [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5062] ioctl(3, LOOP_CLR_FD [pid 5066] <... prctl resumed>) = 0 [pid 5066] setpgid(0, 0 [pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5068 attached [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5061] <... clone resumed>, child_tidptr=0x5555565f3650) = 5068 [pid 5068] set_robust_list(0x5555565f3660, 24 [pid 5066] <... openat resumed>) = 3 [pid 5065] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] ioctl(3, LOOP_CLR_FD [pid 5062] close(3 [pid 5066] write(3, "1000", 4 [pid 5068] <... set_robust_list resumed>) = 0 [pid 5066] <... write resumed>) = 4 [pid 5065] <... openat resumed>) = 3 [pid 5064] close(3 [pid 5063] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5062] <... close resumed>) = 0 [pid 5068] chdir("./0" [pid 5066] close(3 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5064] <... close resumed>) = 0 [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... chdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] close(3 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] symlink("/dev/binderfs", "./binderfs" [pid 5065] close(3 [pid 5063] <... close resumed>) = 0 ./strace-static-x86_64: Process 5070 attached [pid 5068] <... prctl resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5070] set_robust_list(0x5555565f3660, 24 [pid 5068] setpgid(0, 0 [pid 5066] <... symlink resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] memfd_create("syzkaller", 0 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5068] <... setpgid resumed>) = 0 [pid 5070] chdir("./0" [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5069 attached [pid 5066] <... memfd_create resumed>) = 3 [pid 5062] <... clone resumed>, child_tidptr=0x5555565f3650) = 5069 [pid 5070] <... chdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... clone resumed>, child_tidptr=0x5555565f3650) = 5070 ./strace-static-x86_64: Process 5072 attached [pid 5069] set_robust_list(0x5555565f3660, 24 [pid 5070] <... prctl resumed>) = 0 [pid 5068] write(3, "1000", 4 [pid 5066] <... mmap resumed>) = 0x7f753d06e000 ./strace-static-x86_64: Process 5071 attached [pid 5072] set_robust_list(0x5555565f3660, 24 [pid 5069] <... set_robust_list resumed>) = 0 [pid 5070] setpgid(0, 0 [pid 5068] <... write resumed>) = 4 [pid 5071] set_robust_list(0x5555565f3660, 24 [pid 5070] <... setpgid resumed>) = 0 [pid 5068] close(3 [pid 5065] <... clone resumed>, child_tidptr=0x5555565f3650) = 5071 [pid 5071] <... set_robust_list resumed>) = 0 [pid 5072] <... set_robust_list resumed>) = 0 [pid 5069] chdir("./0" [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... close resumed>) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555565f3650) = 5072 [pid 5071] chdir("./0" [pid 5072] chdir("./0" [pid 5069] <... chdir resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5068] symlink("/dev/binderfs", "./binderfs" [pid 5072] <... chdir resumed>) = 0 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... prctl resumed>) = 0 [pid 5071] <... chdir resumed>) = 0 [pid 5072] <... prctl resumed>) = 0 [pid 5069] setpgid(0, 0 [pid 5070] write(3, "1000", 4 [pid 5068] <... symlink resumed>) = 0 [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... setpgid resumed>) = 0 [pid 5070] <... write resumed>) = 4 [pid 5071] <... prctl resumed>) = 0 [pid 5072] setpgid(0, 0 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] close(3 [pid 5071] setpgid(0, 0 [pid 5070] <... close resumed>) = 0 [pid 5068] memfd_create("syzkaller", 0 [pid 5071] <... setpgid resumed>) = 0 [pid 5072] <... setpgid resumed>) = 0 [pid 5070] symlink("/dev/binderfs", "./binderfs" [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... openat resumed>) = 3 [pid 5070] <... symlink resumed>) = 0 [pid 5068] <... memfd_create resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5072] <... openat resumed>) = 3 [pid 5069] write(3, "1000", 4 [pid 5068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] write(3, "1000", 4 [pid 5069] <... write resumed>) = 4 [pid 5070] memfd_create("syzkaller", 0 [pid 5068] <... mmap resumed>) = 0x7f753d06e000 [pid 5071] <... write resumed>) = 4 [pid 5072] write(3, "1000", 4 [pid 5069] close(3 [pid 5070] <... memfd_create resumed>) = 3 [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5071] close(3) = 0 [pid 5071] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5071] memfd_create("syzkaller", 0 [pid 5072] <... write resumed>) = 4 [pid 5069] <... close resumed>) = 0 [pid 5072] close(3 [pid 5069] symlink("/dev/binderfs", "./binderfs" [pid 5071] <... memfd_create resumed>) = 3 [pid 5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... close resumed>) = 0 [pid 5069] <... symlink resumed>) = 0 [pid 5071] <... mmap resumed>) = 0x7f753d06e000 [pid 5072] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] memfd_create("syzkaller", 0 [pid 5072] memfd_create("syzkaller", 0 [pid 5069] <... memfd_create resumed>) = 3 [pid 5072] <... memfd_create resumed>) = 3 [pid 5069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5068] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5069] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5071] <... write resumed>) = 4194304 [pid 5070] <... write resumed>) = 4194304 [pid 5068] <... write resumed>) = 4194304 [pid 5066] <... write resumed>) = 4194304 [pid 5071] munmap(0x7f753d06e000, 138412032 [pid 5066] munmap(0x7f753d06e000, 138412032 [pid 5068] munmap(0x7f753d06e000, 138412032 [pid 5066] <... munmap resumed>) = 0 [pid 5070] munmap(0x7f753d06e000, 138412032 [pid 5066] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5066] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... munmap resumed>) = 0 [pid 5071] <... munmap resumed>) = 0 [pid 5068] <... munmap resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] <... openat resumed>) = 4 [pid 5070] <... openat resumed>) = 4 [pid 5068] <... openat resumed>) = 4 [pid 5071] ioctl(4, LOOP_SET_FD, 3 [pid 5068] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... ioctl resumed>) = 0 [pid 5066] close(3) = 0 [pid 5066] mkdir("./bus", 0777) = 0 [pid 5066] mount("/dev/loop0", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [ 57.608306][ T5066] loop0: detected capacity change from 0 to 8192 [ 57.630733][ T5071] loop5: detected capacity change from 0 to 8192 [ 57.639216][ T5068] loop1: detected capacity change from 0 to 8192 [ 57.649842][ T5070] loop4: detected capacity change from 0 to 8192 [pid 5070] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... ioctl resumed>) = 0 [pid 5072] <... write resumed>) = 4194304 [pid 5069] <... write resumed>) = 4194304 [pid 5070] <... ioctl resumed>) = 0 [pid 5068] <... ioctl resumed>) = 0 [pid 5071] close(3 [pid 5072] munmap(0x7f753d06e000, 138412032 [pid 5069] munmap(0x7f753d06e000, 138412032 [pid 5070] close(3 [pid 5068] close(3 [pid 5071] <... close resumed>) = 0 [pid 5072] <... munmap resumed>) = 0 [pid 5069] <... munmap resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5071] mkdir("./bus", 0777) = 0 [pid 5071] mount("/dev/loop5", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5068] mkdir("./bus", 0777) = 0 [ 57.657702][ T5066] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.671082][ T5066] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 57.680555][ T5066] REISERFS (device loop0): using ordered data mode [ 57.689661][ T5066] REISERFS warning (device loop0): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5070] mkdir("./bus", 0777 [pid 5072] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] <... mkdir resumed>) = 0 [pid 5068] mount("/dev/loop1", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5072] <... openat resumed>) = 4 [pid 5069] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5070] mount("/dev/loop4", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5072] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... openat resumed>) = 4 [ 57.691363][ T5071] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.700770][ T5066] REISERFS warning (device loop0): sh-462 journal_init: unable to initialize journal device [ 57.724314][ T5072] loop3: detected capacity change from 0 to 8192 [ 57.726159][ T5066] REISERFS warning (device loop0): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 57.734038][ T5069] loop2: detected capacity change from 0 to 8192 [pid 5069] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... ioctl resumed>) = 0 [pid 5066] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... ioctl resumed>) = 0 [pid 5066] ioctl(4, LOOP_CLR_FD [pid 5069] close(3) = 0 [pid 5069] mkdir("./bus", 0777) = 0 [ 57.742909][ T5068] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.762794][ T5070] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.765746][ T5068] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 57.775836][ T5070] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 57.776005][ T5070] REISERFS (device loop4): using ordered data mode [pid 5072] close(3 [pid 5069] mount("/dev/loop2", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5072] <... close resumed>) = 0 [ 57.788571][ T5071] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 57.796942][ T5070] REISERFS warning (device loop4): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 57.808104][ T5071] REISERFS (device loop5): using ordered data mode [ 57.811422][ T5070] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 57.822716][ T5068] REISERFS (device loop1): using ordered data mode [ 57.830231][ T5070] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5072] mkdir("./bus", 0777 [pid 5070] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... mkdir resumed>) = 0 [pid 5072] mount("/dev/loop3", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [ 57.838119][ T5069] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.847322][ T5071] REISERFS warning (device loop5): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 57.858422][ T5069] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 57.889151][ T5069] REISERFS (device loop2): using ordered data mode [ 57.897596][ T5069] REISERFS warning (device loop2): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5070] ioctl(4, LOOP_CLR_FD [pid 5069] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 57.901817][ T5071] REISERFS warning (device loop5): sh-462 journal_init: unable to initialize journal device [ 57.908892][ T5069] REISERFS warning (device loop2): sh-462 journal_init: unable to initialize journal device [ 57.910948][ T5069] REISERFS warning (device loop2): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 57.920345][ T5072] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5069] ioctl(4, LOOP_CLR_FD [pid 5070] <... ioctl resumed>) = 0 [ 57.953526][ T5068] REISERFS warning (device loop1): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5070] close(4 [pid 5071] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... close resumed>) = 0 [pid 5071] ioctl(4, LOOP_CLR_FD [pid 5070] read(-1, [pid 5066] <... ioctl resumed>) = 0 [pid 5070] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5070] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5066] close(4 [pid 5070] <... openat resumed>) = 3 [pid 5068] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... close resumed>) = 0 [pid 5070] read(3, [pid 5068] ioctl(4, LOOP_CLR_FD [pid 5066] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5066] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5070] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5066] <... openat resumed>) = 3 [pid 5070] memfd_create("syzkaller", 0 [pid 5066] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5070] <... memfd_create resumed>) = 4 [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5070] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072 [pid 5066] memfd_create("syzkaller", 0 [pid 5070] munmap(0x7f753d06e000, 138412032 [pid 5066] <... memfd_create resumed>) = 4 [pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] <... munmap resumed>) = 0 [pid 5066] <... mmap resumed>) = 0x7f753d06e000 [ 57.992413][ T5071] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 58.004213][ T5068] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 58.008981][ T5072] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 58.026195][ T5068] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5070] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072 [pid 5066] munmap(0x7f753d06e000, 138412032) = 0 [pid 5070] <... openat resumed>) = 5 [pid 5070] ioctl(5, LOOP_SET_FD, 4 [pid 5066] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [ 58.061209][ T5072] REISERFS (device loop3): using ordered data mode [ 58.079319][ T5070] loop4: detected capacity change from 0 to 256 [ 58.080313][ T5066] loop0: detected capacity change from 0 to 256 [ 58.088874][ T5072] REISERFS warning (device loop3): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5066] ioctl(5, LOOP_SET_FD, 4 [pid 5070] <... ioctl resumed>) = 0 [pid 5069] <... ioctl resumed>) = 0 [pid 5070] close(4) = 0 [pid 5070] mkdir("./file0", 0777) = 0 [pid 5070] mount("/dev/loop4", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5066] <... ioctl resumed>) = 0 [pid 5066] close(4) = 0 [pid 5066] mkdir("./file0", 0777) = 0 [pid 5066] mount("/dev/loop0", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5072] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5069] close(4 [pid 5072] ioctl(4, LOOP_CLR_FD [pid 5069] <... close resumed>) = 0 [pid 5069] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [ 58.103394][ T5072] REISERFS warning (device loop3): sh-462 journal_init: unable to initialize journal device [ 58.122416][ T5072] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5066] <... mount resumed>) = 0 [pid 5071] <... ioctl resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5070] <... mount resumed>) = 0 [pid 5068] <... ioctl resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... openat resumed>) = 3 [pid 5069] read(3, [pid 5070] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5066] <... openat resumed>) = 4 [pid 5068] close(4 [pid 5069] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5070] <... openat resumed>) = 4 [pid 5068] <... close resumed>) = 0 [pid 5066] chdir("./file0" [pid 5071] close(4 [pid 5069] memfd_create("syzkaller", 0 [pid 5070] chdir("./file0" [pid 5068] read(-1, [pid 5066] <... chdir resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5069] <... memfd_create resumed>) = 4 [pid 5070] <... chdir resumed>) = 0 [pid 5068] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5066] ioctl(5, LOOP_CLR_FD [pid 5071] read(-1, [pid 5069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] ioctl(5, LOOP_CLR_FD [pid 5068] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5069] <... mmap resumed>) = 0x7f753d06e000 [pid 5068] <... openat resumed>) = 3 [pid 5069] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5070] <... ioctl resumed>) = 0 [pid 5068] read(3, [pid 5069] <... write resumed>) = 131072 [pid 5070] close(5 [pid 5068] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5070] <... close resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5068] memfd_create("syzkaller", 0 [pid 5071] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5069] munmap(0x7f753d06e000, 138412032 [pid 5070] <... openat resumed>) = 5 [pid 5066] <... ioctl resumed>) = 0 [pid 5068] <... memfd_create resumed>) = 4 [pid 5068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5071] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5068] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5069] <... munmap resumed>) = 0 [pid 5070] read(5, [pid 5071] <... openat resumed>) = 3 [pid 5070] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5066] close(5 [pid 5071] read(3, [pid 5070] read(5, [pid 5068] <... write resumed>) = 131072 [pid 5066] <... close resumed>) = 0 [pid 5071] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5069] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5070] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5066] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5071] memfd_create("syzkaller", 0 [pid 5069] <... openat resumed>) = 5 [pid 5070] creat("./bus", 000 [pid 5068] munmap(0x7f753d06e000, 138412032 [pid 5066] <... openat resumed>) = 5 [pid 5071] <... memfd_create resumed>) = 4 [pid 5069] ioctl(5, LOOP_SET_FD, 4 [pid 5068] <... munmap resumed>) = 0 [pid 5066] read(5, [pid 5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5071] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5068] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5068] ioctl(5, LOOP_SET_FD, 4 [pid 5071] <... write resumed>) = 131072 [pid 5070] <... creat resumed>) = 6 [pid 5066] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5066] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5066] creat("./bus", 000 [pid 5070] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5066] <... creat resumed>) = 6 [pid 5071] munmap(0x7f753d06e000, 138412032 [pid 5070] <... mount resumed>) = 0 [pid 5066] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5071] <... munmap resumed>) = 0 [pid 5070] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5066] <... mount resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5070] <... open resumed>) = 7 [pid 5066] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5071] <... openat resumed>) = 5 [pid 5066] <... open resumed>) = 7 [pid 5071] ioctl(5, LOOP_SET_FD, 4 [pid 5070] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5066] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5072] <... ioctl resumed>) = 0 [pid 5069] <... ioctl resumed>) = 0 [pid 5069] close(4 [pid 5068] <... ioctl resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5068] close(4 [pid 5069] mkdir("./file0", 0777 [pid 5068] <... close resumed>) = 0 [pid 5068] mkdir("./file0", 0777) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] mount("/dev/loop1", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5069] mount("/dev/loop2", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5068] <... mount resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 4 [pid 5069] <... mount resumed>) = 0 [pid 5068] chdir("./file0" [pid 5071] <... ioctl resumed>) = 0 [pid 5072] close(4 [pid 5069] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] close(4 [pid 5068] <... chdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5071] <... close resumed>) = 0 [pid 5072] read(-1, [pid 5068] ioctl(5, LOOP_CLR_FD [pid 5069] chdir("./file0" [pid 5071] mkdir("./file0", 0777 [pid 5072] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5068] <... ioctl resumed>) = 0 [pid 5066] <... pwritev2 resumed>) = 125952 [pid 5066] exit_group(0 [pid 5072] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5068] close(5 [pid 5071] <... mkdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5066] <... exit_group resumed>) = ? [pid 5068] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 5 [pid 5068] read(5, [pid 5072] <... openat resumed>) = 3 [pid 5068] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5071] mount("/dev/loop5", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5072] read(3, [pid 5069] <... chdir resumed>) = 0 [pid 5068] read(5, [pid 5066] +++ exited with 0 +++ [pid 5069] ioctl(5, LOOP_CLR_FD [pid 5068] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5069] <... ioctl resumed>) = 0 [pid 5068] creat("./bus", 000 [ 58.211489][ T5069] loop2: detected capacity change from 0 to 256 [ 58.221574][ T5068] loop1: detected capacity change from 0 to 256 [ 58.238538][ T5071] loop5: detected capacity change from 0 to 256 [pid 5060] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5066, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5072] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5069] close(5 [pid 5070] <... pwritev2 resumed>) = 125952 [pid 5068] <... creat resumed>) = 6 [pid 5072] memfd_create("syzkaller", 0 [pid 5069] <... close resumed>) = 0 [pid 5070] exit_group(0 [pid 5068] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5072] <... memfd_create resumed>) = 4 [pid 5069] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... openat resumed>) = 5 [pid 5069] read(5, [pid 5070] <... exit_group resumed>) = ? [pid 5060] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... mmap resumed>) = 0x7f753d06e000 [pid 5069] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5070] +++ exited with 0 +++ [pid 5068] <... mount resumed>) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5069] read(5, [pid 5060] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5069] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5064] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... openat resumed>) = 3 [pid 5069] creat("./bus", 000 [pid 5068] <... open resumed>) = 7 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] newfstatat(3, "", [pid 5071] <... mount resumed>) = 0 [pid 5068] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5064] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] <... creat resumed>) = 6 [pid 5064] <... openat resumed>) = 3 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... openat resumed>) = 4 [pid 5069] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5064] newfstatat(3, "", [pid 5071] chdir("./file0" [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... mount resumed>) = 0 [pid 5060] getdents64(3, [pid 5071] <... chdir resumed>) = 0 [pid 5064] getdents64(3, [pid 5071] ioctl(5, LOOP_CLR_FD [pid 5069] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5071] <... ioctl resumed>) = 0 [pid 5069] <... open resumed>) = 7 [pid 5064] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] close(5 [pid 5072] <... write resumed>) = 131072 [pid 5069] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5068] <... pwritev2 resumed>) = 125952 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5072] munmap(0x7f753d06e000, 138412032 [pid 5068] exit_group(0 [pid 5064] newfstatat(AT_FDCWD, "./0/bus", [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5072] <... munmap resumed>) = 0 [pid 5069] <... pwritev2 resumed>) = 125952 [pid 5068] <... exit_group resumed>) = ? [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] newfstatat(AT_FDCWD, "./0/bus", [pid 5064] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... openat resumed>) = 5 [pid 5072] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] exit_group(0 [pid 5064] <... openat resumed>) = 4 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] read(5, [pid 5072] <... openat resumed>) = 5 [pid 5069] <... exit_group resumed>) = ? [pid 5064] newfstatat(4, "", [pid 5060] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] getdents64(4, [pid 5060] <... openat resumed>) = 4 [pid 5071] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5072] ioctl(5, LOOP_SET_FD, 4 [pid 5068] +++ exited with 0 +++ [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5071] read(5, [pid 5064] getdents64(4, [pid 5061] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5068, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5060] newfstatat(4, "", [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./0/bus" [pid 5061] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5061] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5061] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] getdents64(3, [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5064] <... rmdir resumed>) = 0 [pid 5060] getdents64(4, [pid 5061] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] newfstatat(AT_FDCWD, "./0/bus", [pid 5071] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5072] <... ioctl resumed>) = 0 [pid 5060] getdents64(4, [pid 5071] creat("./bus", 000 [pid 5064] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5061] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... creat resumed>) = 6 [pid 5064] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5071] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5072] close(4 [pid 5064] unlink("./0/binderfs" [pid 5060] close(4 [pid 5061] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5069] +++ exited with 0 +++ [pid 5061] <... openat resumed>) = 4 [pid 5072] mkdir("./file0", 0777 [pid 5064] <... unlink resumed>) = 0 [pid 5060] rmdir("./0/bus" [pid 5062] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5069, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5061] newfstatat(4, "", [pid 5064] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] <... rmdir resumed>) = 0 [pid 5071] <... mount resumed>) = 0 [pid 5062] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5072] <... mkdir resumed>) = 0 [pid 5061] getdents64(4, [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] mount("/dev/loop3", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5060] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5071] <... open resumed>) = 7 [pid 5071] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5062] <... openat resumed>) = 3 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] newfstatat(3, "", [pid 5061] getdents64(4, [pid 5060] unlink("./0/binderfs" [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5071] <... pwritev2 resumed>) = 125952 [pid 5072] <... mount resumed>) = 0 [pid 5062] getdents64(3, [pid 5061] close(4 [pid 5060] <... unlink resumed>) = 0 [pid 5071] exit_group(0 [pid 5072] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5061] <... close resumed>) = 0 [pid 5071] <... exit_group resumed>) = ? [pid 5062] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] rmdir("./0/bus" [pid 5062] newfstatat(AT_FDCWD, "./0/bus", [pid 5071] +++ exited with 0 +++ [pid 5072] <... openat resumed>) = 4 [pid 5064] <... umount2 resumed>) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] <... rmdir resumed>) = 0 [pid 5072] chdir("./file0" [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5071, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5072] <... chdir resumed>) = 0 [pid 5062] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] ioctl(5, LOOP_CLR_FD [pid 5065] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... ioctl resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] close(5 [pid 5065] <... openat resumed>) = 3 [pid 5061] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5072] <... close resumed>) = 0 [pid 5065] newfstatat(3, "", [pid 5072] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, [pid 5060] <... umount2 resumed>) = 0 [pid 5072] <... openat resumed>) = 5 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... openat resumed>) = 4 [pid 5061] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] read(5, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] newfstatat(AT_FDCWD, "./0/file0", [pid 5061] unlink("./0/binderfs" [pid 5072] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] newfstatat(AT_FDCWD, "./0/bus", [pid 5062] newfstatat(4, "", [pid 5072] read(5, [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] <... unlink resumed>) = 0 [pid 5060] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5065] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] creat("./bus", 000 [pid 5065] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] getdents64(4, [pid 5072] <... creat resumed>) = 6 [pid 5065] <... openat resumed>) = 4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, [pid 5061] <... umount2 resumed>) = 0 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5064] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5065] getdents64(4, [pid 5064] <... openat resumed>) = 4 [pid 5062] getdents64(4, [pid 5061] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] newfstatat(AT_FDCWD, "./0/file0", [pid 5072] <... mount resumed>) = 0 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5064] newfstatat(4, "", [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5065] close(4 [pid 5062] close(4 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] <... open resumed>) = 7 [pid 5065] <... close resumed>) = 0 [pid 5064] getdents64(4, [pid 5062] <... close resumed>) = 0 [pid 5061] newfstatat(AT_FDCWD, "./0/file0", [pid 5060] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5065] rmdir("./0/bus" [pid 5062] rmdir("./0/bus" [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 58.326841][ T5072] loop3: detected capacity change from 0 to 256 [pid 5072] <... pwritev2 resumed>) = -1 ENOSPC (No space left on device) [pid 5065] <... rmdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... rmdir resumed>) = 0 [pid 5061] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] exit_group(0 [pid 5064] getdents64(4, [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... exit_group resumed>) = ? [pid 5065] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] <... openat resumed>) = 4 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] newfstatat(4, "", [pid 5064] close(4 [pid 5061] <... openat resumed>) = 4 [pid 5072] +++ exited with 0 +++ [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... close resumed>) = 0 [pid 5062] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5061] newfstatat(4, "", [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5064] rmdir("./0/file0" [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] getdents64(4, [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./0/binderfs") = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] getdents64(4, [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5065] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] unlink("./0/binderfs" [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] getdents64(4, [pid 5063] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5062] <... unlink resumed>) = 0 [pid 5061] getdents64(4, [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] close(4 [pid 5063] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] getdents64(3, [pid 5062] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] <... close resumed>) = 0 [pid 5063] <... openat resumed>) = 3 [pid 5061] close(4 [pid 5065] <... umount2 resumed>) = 0 [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5063] newfstatat(3, "", [pid 5062] <... umount2 resumed>) = 0 [pid 5060] rmdir("./0/file0" [pid 5061] <... close resumed>) = 0 [pid 5064] close(3 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... close resumed>) = 0 [pid 5063] getdents64(3, [pid 5062] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] rmdir("./0/file0" [pid 5060] <... rmdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... rmdir resumed>) = 0 [pid 5060] getdents64(3, [pid 5065] newfstatat(AT_FDCWD, "./0/file0", [pid 5064] rmdir("./0" [pid 5063] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] newfstatat(AT_FDCWD, "./0/file0", [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5065] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] newfstatat(AT_FDCWD, "./0/bus", [pid 5062] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] getdents64(3, [pid 5060] close(3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5065] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] mkdir("./1", 0777 [pid 5063] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] close(3 [pid 5065] <... openat resumed>) = 4 [pid 5064] <... mkdir resumed>) = 0 [pid 5060] <... close resumed>) = 0 [pid 5065] newfstatat(4, "", [pid 5062] <... openat resumed>) = 4 [pid 5061] <... close resumed>) = 0 [pid 5060] rmdir("./0" [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] newfstatat(4, "", [pid 5061] rmdir("./0" [pid 5065] getdents64(4, [pid 5063] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... rmdir resumed>) = 0 [pid 5060] <... rmdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5063] <... openat resumed>) = 4 [pid 5062] getdents64(4, [pid 5061] mkdir("./1", 0777 [pid 5060] mkdir("./1", 0777 [pid 5065] getdents64(4, [pid 5063] newfstatat(4, "", [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] <... mkdir resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5060] <... mkdir resumed>) = 0 [pid 5062] getdents64(4, [pid 5065] close(4 [pid 5064] <... openat resumed>) = 3 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5065] <... close resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] close(3 [pid 5062] close(4 [pid 5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5064] <... close resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] <... openat resumed>) = 3 [pid 5062] <... close resumed>) = 0 [pid 5065] rmdir("./0/file0") = 0 [pid 5063] getdents64(4, [pid 5062] rmdir("./0/file0"./strace-static-x86_64: Process 5081 attached [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... rmdir resumed>) = 0 [pid 5060] ioctl(3, LOOP_CLR_FD [pid 5063] getdents64(4, 0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5065] getdents64(3, [pid 5063] close(4 [pid 5062] getdents64(3, [pid 5061] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5063] <... close resumed>) = 0 [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5061] ioctl(3, LOOP_CLR_FD [pid 5065] close(3 [pid 5063] rmdir("./0/bus" [pid 5081] set_robust_list(0x5555565f3660, 24 [pid 5062] close(3 [pid 5061] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] <... clone resumed>, child_tidptr=0x5555565f3650) = 5081 [pid 5060] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5081] <... set_robust_list resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5063] <... rmdir resumed>) = 0 [pid 5062] <... close resumed>) = 0 [pid 5061] close(3 [pid 5060] close(3 [pid 5065] rmdir("./0" [pid 5062] rmdir("./0" [pid 5061] <... close resumed>) = 0 [pid 5081] chdir("./1" [pid 5065] <... rmdir resumed>) = 0 [pid 5063] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... rmdir resumed>) = 0 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5081] <... chdir resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... close resumed>) = 0 [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] mkdir("./1", 0777 [pid 5063] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5062] mkdir("./1", 0777 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5081] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5084 attached ./strace-static-x86_64: Process 5083 attached [pid 5081] setpgid(0, 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... mkdir resumed>) = 0 [pid 5084] set_robust_list(0x5555565f3660, 24 [pid 5081] <... setpgid resumed>) = 0 [pid 5084] <... set_robust_list resumed>) = 0 [pid 5060] <... clone resumed>, child_tidptr=0x5555565f3650) = 5084 [pid 5083] set_robust_list(0x5555565f3660, 24 [pid 5084] chdir("./1" [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5063] unlink("./0/binderfs" [pid 5061] <... clone resumed>, child_tidptr=0x5555565f3650) = 5083 [pid 5084] <... chdir resumed>) = 0 [pid 5083] <... set_robust_list resumed>) = 0 [pid 5062] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5065] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5083] chdir("./1" [pid 5065] <... openat resumed>) = 3 [pid 5083] <... chdir resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] <... unlink resumed>) = 0 [pid 5083] <... prctl resumed>) = 0 [pid 5065] close(3 [pid 5063] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... openat resumed>) = 3 [pid 5062] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5065] <... close resumed>) = 0 [pid 5062] close(3 [pid 5083] setpgid(0, 0 [pid 5062] <... close resumed>) = 0 [pid 5083] <... setpgid resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5081] <... openat resumed>) = 3 [pid 5084] <... prctl resumed>) = 0 [pid 5081] write(3, "1000", 4./strace-static-x86_64: Process 5085 attached [pid 5084] setpgid(0, 0./strace-static-x86_64: Process 5086 attached [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5081] <... write resumed>) = 4 [pid 5063] <... umount2 resumed>) = 0 [pid 5062] <... clone resumed>, child_tidptr=0x5555565f3650) = 5085 [pid 5084] <... setpgid resumed>) = 0 [pid 5086] set_robust_list(0x5555565f3660, 24 [pid 5085] set_robust_list(0x5555565f3660, 24 [pid 5083] <... openat resumed>) = 3 [pid 5081] close(3 [pid 5065] <... clone resumed>, child_tidptr=0x5555565f3650) = 5086 [pid 5086] <... set_robust_list resumed>) = 0 [pid 5085] <... set_robust_list resumed>) = 0 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5083] write(3, "1000", 4 [pid 5081] <... close resumed>) = 0 [pid 5086] chdir("./1" [pid 5085] chdir("./1" [pid 5084] <... openat resumed>) = 3 [pid 5083] <... write resumed>) = 4 [pid 5081] symlink("/dev/binderfs", "./binderfs" [pid 5063] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5086] <... chdir resumed>) = 0 [pid 5085] <... chdir resumed>) = 0 [pid 5084] write(3, "1000", 4 [pid 5083] close(3 [pid 5081] <... symlink resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5084] <... write resumed>) = 4 [pid 5083] <... close resumed>) = 0 [pid 5081] memfd_create("syzkaller", 0 [pid 5063] newfstatat(AT_FDCWD, "./0/file0", [pid 5086] <... prctl resumed>) = 0 [pid 5085] <... prctl resumed>) = 0 [pid 5084] close(3 [pid 5083] symlink("/dev/binderfs", "./binderfs" [pid 5081] <... memfd_create resumed>) = 3 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] setpgid(0, 0 [pid 5085] setpgid(0, 0 [pid 5084] <... close resumed>) = 0 [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5086] <... setpgid resumed>) = 0 [pid 5085] <... setpgid resumed>) = 0 [pid 5084] symlink("/dev/binderfs", "./binderfs" [pid 5083] <... symlink resumed>) = 0 [pid 5081] <... mmap resumed>) = 0x7f753d06e000 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5084] <... symlink resumed>) = 0 [pid 5083] memfd_create("syzkaller", 0 [pid 5063] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... openat resumed>) = 3 [pid 5085] <... openat resumed>) = 3 [pid 5084] memfd_create("syzkaller", 0 [pid 5063] <... openat resumed>) = 4 [pid 5086] write(3, "1000", 4 [pid 5085] write(3, "1000", 4 [pid 5084] <... memfd_create resumed>) = 3 [pid 5063] newfstatat(4, "", [pid 5086] <... write resumed>) = 4 [pid 5085] <... write resumed>) = 4 [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5083] <... memfd_create resumed>) = 3 [pid 5085] close(3) = 0 [pid 5063] getdents64(4, [pid 5085] symlink("/dev/binderfs", "./binderfs" [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5063] close(4 [pid 5085] <... symlink resumed>) = 0 [pid 5063] <... close resumed>) = 0 [pid 5084] <... mmap resumed>) = 0x7f753d06e000 [pid 5063] rmdir("./0/file0" [pid 5086] close(3 [pid 5085] memfd_create("syzkaller", 0 [pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] <... rmdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5083] <... mmap resumed>) = 0x7f753d06e000 [pid 5086] symlink("/dev/binderfs", "./binderfs" [pid 5085] <... memfd_create resumed>) = 3 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] <... symlink resumed>) = 0 [pid 5063] getdents64(3, [pid 5086] memfd_create("syzkaller", 0 [pid 5085] <... mmap resumed>) = 0x7f753d06e000 [pid 5063] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5086] <... memfd_create resumed>) = 3 [pid 5063] close(3) = 0 [pid 5063] rmdir("./0") = 0 [pid 5063] mkdir("./1", 0777) = 0 [pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5063] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565f3650) = 5088 ./strace-static-x86_64: Process 5088 attached [pid 5088] set_robust_list(0x5555565f3660, 24) = 0 [pid 5088] chdir("./1") = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] setpgid(0, 0) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3) = 0 [pid 5088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] memfd_create("syzkaller", 0 [pid 5081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5088] <... memfd_create resumed>) = 3 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5088] <... mmap resumed>) = 0x7f753d06e000 [pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5083] <... write resumed>) = 4194304 [pid 5081] <... write resumed>) = 4194304 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5083] munmap(0x7f753d06e000, 138412032 [pid 5081] munmap(0x7f753d06e000, 138412032 [pid 5086] <... write resumed>) = 4194304 [pid 5086] munmap(0x7f753d06e000, 138412032 [pid 5083] <... munmap resumed>) = 0 [pid 5081] <... munmap resumed>) = 0 [pid 5086] <... munmap resumed>) = 0 [pid 5081] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5081] <... openat resumed>) = 4 [pid 5086] <... openat resumed>) = 4 [pid 5081] ioctl(4, LOOP_SET_FD, 3 [pid 5083] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5086] ioctl(4, LOOP_SET_FD, 3 [pid 5084] <... write resumed>) = 4194304 [pid 5083] <... openat resumed>) = 4 [pid 5081] <... ioctl resumed>) = 0 [pid 5085] <... write resumed>) = 4194304 [pid 5084] munmap(0x7f753d06e000, 138412032 [pid 5083] ioctl(4, LOOP_SET_FD, 3 [pid 5081] close(3 [pid 5084] <... munmap resumed>) = 0 [pid 5083] <... ioctl resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] munmap(0x7f753d06e000, 138412032 [pid 5086] close(3 [pid 5081] mkdir("./bus", 0777 [pid 5088] <... write resumed>) = 4194304 [pid 5086] <... close resumed>) = 0 [pid 5085] <... munmap resumed>) = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5083] close(3 [pid 5088] munmap(0x7f753d06e000, 138412032 [pid 5086] mkdir("./bus", 0777 [pid 5081] <... mkdir resumed>) = 0 [pid 5081] mount("/dev/loop4", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5086] <... mkdir resumed>) = 0 [ 58.870906][ T5081] loop4: detected capacity change from 0 to 8192 [ 58.881446][ T5086] loop5: detected capacity change from 0 to 8192 [ 58.895914][ T5083] loop1: detected capacity change from 0 to 8192 [pid 5086] mount("/dev/loop5", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5084] <... openat resumed>) = 4 [pid 5088] <... munmap resumed>) = 0 [pid 5084] ioctl(4, LOOP_SET_FD, 3 [pid 5083] <... close resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5084] <... ioctl resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5084] close(3) = 0 [ 58.912858][ T5081] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 58.915082][ T5086] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 58.926624][ T5081] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 58.939712][ T5084] loop0: detected capacity change from 0 to 8192 [ 58.949106][ T5081] REISERFS (device loop4): using ordered data mode [ 58.956465][ T5085] loop2: detected capacity change from 0 to 8192 [pid 5085] ioctl(4, LOOP_SET_FD, 3 [pid 5084] mkdir("./bus", 0777 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5083] mkdir("./bus", 0777 [pid 5084] <... mkdir resumed>) = 0 [pid 5084] mount("/dev/loop0", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5085] <... ioctl resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5083] <... mkdir resumed>) = 0 [pid 5085] close(3) = 0 [pid 5085] mkdir("./bus", 0777) = 0 [pid 5085] mount("/dev/loop2", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5088] ioctl(4, LOOP_SET_FD, 3 [ 58.964730][ T5081] REISERFS warning (device loop4): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 58.971919][ T5086] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 58.981058][ T5081] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 58.998301][ T5086] REISERFS (device loop5): using ordered data mode [ 59.001598][ T5081] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 59.017047][ T5084] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.018783][ T5088] loop3: detected capacity change from 0 to 8192 [ 59.035649][ T5086] REISERFS warning (device loop5): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 59.037329][ T5083] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.061613][ T5084] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5083] mount("/dev/loop1", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5088] <... ioctl resumed>) = 0 [pid 5081] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5088] close(3 [pid 5081] ioctl(4, LOOP_CLR_FD [pid 5088] <... close resumed>) = 0 [pid 5088] mkdir("./bus", 0777) = 0 [ 59.061804][ T5083] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 59.080780][ T5085] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.080994][ T5086] REISERFS warning (device loop5): sh-462 journal_init: unable to initialize journal device [ 59.099795][ T5085] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 59.105396][ T5084] REISERFS (device loop0): using ordered data mode [ 59.113604][ T5085] REISERFS (device loop2): using ordered data mode [ 59.126006][ T5084] REISERFS warning (device loop0): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 59.128735][ T5085] REISERFS warning (device loop2): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 59.138934][ T5083] REISERFS (device loop1): using ordered data mode [ 59.148875][ T5085] REISERFS warning (device loop2): sh-462 journal_init: unable to initialize journal device [ 59.165190][ T5088] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.171913][ T5083] REISERFS warning (device loop1): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 59.178509][ T5088] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 59.198518][ T5084] REISERFS warning (device loop0): sh-462 journal_init: unable to initialize journal device [ 59.201013][ T5086] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 59.221506][ T5084] REISERFS warning (device loop0): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 59.227900][ T5085] REISERFS warning (device loop2): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 59.243158][ T5088] REISERFS (device loop3): using ordered data mode [ 59.250362][ T5083] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 59.252536][ T5088] REISERFS warning (device loop3): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5088] mount("/dev/loop3", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5081] <... ioctl resumed>) = 0 [pid 5086] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5084] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5084] ioctl(4, LOOP_CLR_FD [pid 5081] close(4) = 0 [pid 5081] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5081] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5081] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5081] memfd_create("syzkaller", 0) = 4 [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5081] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5086] ioctl(4, LOOP_CLR_FD [pid 5081] <... write resumed>) = 131072 [pid 5088] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5081] munmap(0x7f753d06e000, 138412032 [pid 5085] ioctl(4, LOOP_CLR_FD [pid 5081] <... munmap resumed>) = 0 [pid 5081] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [ 59.272386][ T5088] REISERFS warning (device loop3): sh-462 journal_init: unable to initialize journal device [ 59.286305][ T5088] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 59.288544][ T5083] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5081] ioctl(5, LOOP_SET_FD, 4 [pid 5088] ioctl(4, LOOP_CLR_FD [pid 5083] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5081] <... ioctl resumed>) = 0 [pid 5084] <... ioctl resumed>) = 0 [pid 5081] close(4) = 0 [pid 5081] mkdir("./file0", 0777 [pid 5084] close(4 [pid 5083] ioctl(4, LOOP_CLR_FD [pid 5081] <... mkdir resumed>) = 0 [pid 5081] mount("/dev/loop4", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5084] <... close resumed>) = 0 [pid 5084] read(-1, [pid 5081] <... mount resumed>) = 0 [pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5084] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5081] <... openat resumed>) = 4 [pid 5084] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5081] chdir("./file0") = 0 [pid 5081] ioctl(5, LOOP_CLR_FD) = 0 [pid 5081] close(5 [pid 5084] <... openat resumed>) = 3 [pid 5081] <... close resumed>) = 0 [pid 5081] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5084] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5081] <... openat resumed>) = 5 [pid 5081] read(5, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [ 59.334668][ T5081] loop4: detected capacity change from 0 to 256 [pid 5081] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5081] creat("./bus", 000 [pid 5084] memfd_create("syzkaller", 0 [pid 5081] <... creat resumed>) = 6 [pid 5086] <... ioctl resumed>) = 0 [pid 5084] <... memfd_create resumed>) = 4 [pid 5081] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5081] <... mount resumed>) = 0 [pid 5081] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5086] close(4 [pid 5081] <... open resumed>) = 7 [pid 5086] <... close resumed>) = 0 [pid 5081] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5086] read(-1, [pid 5081] <... pwritev2 resumed>) = -1 ENOSPC (No space left on device) [pid 5086] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5081] exit_group(0 [pid 5086] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5081] <... exit_group resumed>) = ? [pid 5086] <... openat resumed>) = 3 [pid 5081] +++ exited with 0 +++ [pid 5086] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5086] memfd_create("syzkaller", 0) = 4 [pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5086] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5084] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5085] <... ioctl resumed>) = 0 [pid 5085] close(4) = 0 [pid 5085] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5085] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5064] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5084] <... write resumed>) = 131072 [pid 5064] <... openat resumed>) = 3 [pid 5085] memfd_create("syzkaller", 0 [pid 5064] newfstatat(3, "", [pid 5085] <... memfd_create resumed>) = 4 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5064] getdents64(3, [pid 5086] <... write resumed>) = 131072 [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5085] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5084] munmap(0x7f753d06e000, 138412032 [pid 5064] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5084] <... munmap resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] newfstatat(AT_FDCWD, "./1/bus", [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] munmap(0x7f753d06e000, 138412032) = 0 [pid 5085] <... write resumed>) = 131072 [pid 5084] ioctl(5, LOOP_SET_FD, 4 [pid 5064] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 5 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] ioctl(5, LOOP_SET_FD, 4 [pid 5064] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... ioctl resumed>) = 0 [pid 5064] <... openat resumed>) = 4 [pid 5085] munmap(0x7f753d06e000, 138412032) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5085] ioctl(5, LOOP_SET_FD, 4 [pid 5083] <... ioctl resumed>) = 0 [pid 5064] newfstatat(4, "", [pid 5083] close(4 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5083] <... close resumed>) = 0 [pid 5083] read(-1, [pid 5064] getdents64(4, [pid 5086] close(4) = 0 [pid 5086] mkdir("./file0", 0777) = 0 [pid 5083] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5083] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5064] getdents64(4, [pid 5086] mount("/dev/loop5", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5083] <... openat resumed>) = 3 [pid 5064] close(4) = 0 [pid 5064] rmdir("./1/bus" [pid 5085] <... ioctl resumed>) = 0 [pid 5086] <... mount resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 4 [pid 5064] <... rmdir resumed>) = 0 [pid 5086] chdir("./file0") = 0 [pid 5086] ioctl(5, LOOP_CLR_FD) = 0 [pid 5086] close(5) = 0 [pid 5086] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5085] close(4 [pid 5086] <... openat resumed>) = 5 [pid 5085] <... close resumed>) = 0 [pid 5086] read(5, [pid 5085] mkdir("./file0", 0777 [pid 5088] <... ioctl resumed>) = 0 [pid 5086] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5085] <... mkdir resumed>) = 0 [pid 5083] read(3, [pid 5064] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5084] <... ioctl resumed>) = 0 [pid 5088] close(4 [pid 5086] read(5, [pid 5085] mount("/dev/loop2", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5084] close(4 [pid 5083] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... close resumed>) = 0 [pid 5086] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5085] <... mount resumed>) = 0 [pid 5084] <... close resumed>) = 0 [pid 5088] read(-1, [pid 5086] creat("./bus", 000 [pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5084] mkdir("./file0", 0777 [pid 5083] memfd_create("syzkaller", 0 [pid 5064] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5088] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5086] <... creat resumed>) = 6 [pid 5085] <... openat resumed>) = 4 [pid 5088] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [ 59.466318][ T5086] loop5: detected capacity change from 0 to 256 [ 59.467994][ T5084] loop0: detected capacity change from 0 to 256 [ 59.477511][ T5085] loop2: detected capacity change from 0 to 256 [pid 5086] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5085] chdir("./file0" [pid 5084] <... mkdir resumed>) = 0 [pid 5083] <... memfd_create resumed>) = 4 [pid 5064] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... chdir resumed>) = 0 [pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] unlink("./1/binderfs" [pid 5085] ioctl(5, LOOP_CLR_FD [pid 5088] <... openat resumed>) = 3 [pid 5086] <... mount resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5084] mount("/dev/loop0", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5085] close(5 [pid 5083] <... mmap resumed>) = 0x7f753d06e000 [pid 5064] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5086] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5085] <... openat resumed>) = 5 [pid 5086] <... open resumed>) = 7 [pid 5085] read(5, [pid 5086] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5085] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5083] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5085] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5088] read(3, [pid 5085] creat("./bus", 000 [pid 5083] <... write resumed>) = 131072 [pid 5085] <... creat resumed>) = 6 [pid 5084] <... mount resumed>) = 0 [pid 5085] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... mount resumed>) = 0 [pid 5084] <... openat resumed>) = 4 [pid 5085] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5086] <... pwritev2 resumed>) = 125952 [pid 5085] <... open resumed>) = 7 [pid 5086] exit_group(0 [pid 5085] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5088] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5086] <... exit_group resumed>) = ? [pid 5088] memfd_create("syzkaller", 0 [pid 5086] +++ exited with 0 +++ [pid 5084] chdir("./file0" [pid 5083] munmap(0x7f753d06e000, 138412032 [pid 5064] <... umount2 resumed>) = 0 [pid 5088] <... memfd_create resumed>) = 4 [pid 5084] <... chdir resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] <... pwritev2 resumed>) = 125952 [pid 5088] <... mmap resumed>) = 0x7f753d06e000 [pid 5085] exit_group(0 [pid 5083] <... munmap resumed>) = 0 [pid 5085] <... exit_group resumed>) = ? [pid 5088] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5084] ioctl(5, LOOP_CLR_FD [pid 5083] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5064] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5085] +++ exited with 0 +++ [pid 5065] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] newfstatat(AT_FDCWD, "./1/file0", [pid 5065] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5084] <... ioctl resumed>) = 0 [pid 5083] <... openat resumed>) = 5 [pid 5065] <... openat resumed>) = 3 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... openat resumed>) = 3 [pid 5065] newfstatat(3, "", [pid 5064] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] newfstatat(3, "", [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, [pid 5064] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5083] ioctl(5, LOOP_SET_FD, 4 [pid 5064] <... openat resumed>) = 4 [pid 5088] <... write resumed>) = 131072 [pid 5084] close(5) = 0 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5064] newfstatat(4, "", [pid 5088] munmap(0x7f753d06e000, 138412032 [pid 5084] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5065] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5083] <... ioctl resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] getdents64(4, [pid 5062] getdents64(3, [pid 5084] <... openat resumed>) = 5 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5084] read(5, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] newfstatat(AT_FDCWD, "./1/bus", [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5088] <... munmap resumed>) = 0 [pid 5084] read(5, [pid 5083] close(4 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] getdents64(4, [pid 5062] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5084] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5084] creat("./bus", 000 [pid 5083] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5083] mkdir("./file0", 0777 [pid 5064] close(4 [pid 5062] newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./1/file0" [pid 5083] <... mkdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5064] getdents64(3, [pid 5062] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5084] <... creat resumed>) = -1 ENOSPC (No space left on device) [pid 5083] mount("/dev/loop1", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5065] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... openat resumed>) = 4 [pid 5064] close(3 [pid 5062] newfstatat(4, "", [pid 5088] <... openat resumed>) = 5 [pid 5084] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5065] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... close resumed>) = 0 [pid 5088] ioctl(5, LOOP_SET_FD, 4 [pid 5084] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5065] <... openat resumed>) = 4 [pid 5064] rmdir("./1" [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5084] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5065] newfstatat(4, "", [pid 5062] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] getdents64(4, [pid 5065] getdents64(4, [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] close(4) = 0 [pid 5065] getdents64(4, [pid 5062] rmdir("./1/bus" [pid 5083] <... mount resumed>) = 0 [pid 5062] <... rmdir resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5084] <... open resumed>) = -1 ENOSPC (No space left on device) [pid 5083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5064] mkdir("./2", 0777 [pid 5062] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5088] close(4 [pid 5084] pwritev2(-1, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5088] <... close resumed>) = 0 [pid 5084] <... pwritev2 resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] mkdir("./file0", 0777) = 0 [pid 5084] exit_group(0 [pid 5083] <... openat resumed>) = 4 [pid 5065] close(4 [pid 5064] <... mkdir resumed>) = 0 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] mount("/dev/loop3", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5084] <... exit_group resumed>) = ? [pid 5083] chdir("./file0" [pid 5065] <... close resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5062] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5088] <... mount resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5083] <... chdir resumed>) = 0 [pid 5065] rmdir("./1/bus" [pid 5062] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5088] chdir("./file0" [pid 5084] +++ exited with 0 +++ [pid 5083] ioctl(5, LOOP_CLR_FD [pid 5065] <... rmdir resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5062] unlink("./1/binderfs" [pid 5083] <... ioctl resumed>) = 0 [pid 5065] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5088] <... chdir resumed>) = 0 [pid 5083] close(5 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... unlink resumed>) = 0 [pid 5088] ioctl(5, LOOP_CLR_FD [pid 5083] <... close resumed>) = 0 [pid 5065] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5088] <... ioctl resumed>) = 0 [ 59.566582][ T5083] loop1: detected capacity change from 0 to 256 [ 59.591307][ T5088] loop3: detected capacity change from 0 to 256 [pid 5083] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] close(3 [pid 5062] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5088] close(5 [pid 5083] <... openat resumed>) = 5 [pid 5065] unlink("./1/binderfs" [pid 5064] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5083] read(5, [pid 5065] <... unlink resumed>) = 0 [pid 5060] restart_syscall(<... resuming interrupted clone ...> [pid 5088] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 5 [pid 5060] <... restart_syscall resumed>) = 0 [pid 5088] read(5, [pid 5083] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5088] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5083] read(5, [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5088] creat("./bus", 000 [pid 5083] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5088] <... creat resumed>) = 6 [pid 5060] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5088] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL./strace-static-x86_64: Process 5096 attached ) = 0 [pid 5083] creat("./bus", 000 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5096] set_robust_list(0x5555565f3660, 24 [pid 5088] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5065] <... umount2 resumed>) = 0 [pid 5060] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5096] <... set_robust_list resumed>) = 0 [pid 5088] <... open resumed>) = 7 [pid 5083] <... creat resumed>) = 6 [pid 5064] <... clone resumed>, child_tidptr=0x5555565f3650) = 5096 [pid 5088] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5060] <... openat resumed>) = 3 [pid 5096] chdir("./2" [pid 5083] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5096] <... chdir resumed>) = 0 [pid 5060] newfstatat(3, "", [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... pwritev2 resumed>) = 125952 [pid 5083] <... mount resumed>) = 0 [pid 5065] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5096] <... prctl resumed>) = 0 [pid 5088] exit_group(0 [pid 5083] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... umount2 resumed>) = 0 [pid 5060] getdents64(3, [pid 5096] setpgid(0, 0 [pid 5088] <... exit_group resumed>) = ? [pid 5065] newfstatat(AT_FDCWD, "./1/file0", [pid 5096] <... setpgid resumed>) = 0 [pid 5088] +++ exited with 0 +++ [pid 5083] <... open resumed>) = 7 [pid 5062] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5083] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] newfstatat(AT_FDCWD, "./1/file0", [pid 5065] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] newfstatat(AT_FDCWD, "./1/bus", [pid 5096] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 4 [pid 5096] write(3, "1000", 4 [pid 5065] newfstatat(4, "", [pid 5062] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5096] <... write resumed>) = 4 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] close(3 [pid 5063] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5096] <... close resumed>) = 0 [pid 5083] <... pwritev2 resumed>) = 125952 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5096] symlink("/dev/binderfs", "./binderfs" [pid 5083] exit_group(0 [pid 5065] getdents64(4, [pid 5063] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... openat resumed>) = 4 [pid 5060] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5096] <... symlink resumed>) = 0 [pid 5083] <... exit_group resumed>) = ? [pid 5065] getdents64(4, [pid 5063] <... openat resumed>) = 3 [pid 5062] newfstatat(4, "", [pid 5060] <... openat resumed>) = 4 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5063] newfstatat(3, "", [pid 5060] newfstatat(4, "", [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] getdents64(4, [pid 5060] getdents64(4, [pid 5065] close(4 [pid 5063] getdents64(3, [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5065] <... close resumed>) = 0 [pid 5063] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5062] getdents64(4, [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5096] memfd_create("syzkaller", 0 [pid 5065] rmdir("./1/file0" [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5096] <... memfd_create resumed>) = 3 [pid 5083] +++ exited with 0 +++ [pid 5065] <... rmdir resumed>) = 0 [pid 5063] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] close(4 [pid 5060] getdents64(4, [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... close resumed>) = 0 [pid 5096] <... mmap resumed>) = 0x7f753d06e000 [pid 5065] getdents64(3, [pid 5063] newfstatat(AT_FDCWD, "./1/bus", [pid 5062] rmdir("./1/file0" [pid 5061] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5061] restart_syscall(<... resuming interrupted clone ...> [pid 5065] close(3 [pid 5061] <... restart_syscall resumed>) = 0 [pid 5062] <... rmdir resumed>) = 0 [pid 5062] getdents64(3, [pid 5060] close(4 [pid 5065] <... close resumed>) = 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5061] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] rmdir("./1" [pid 5062] close(3 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5063] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... close resumed>) = 0 [pid 5061] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] rmdir("./1" [pid 5061] <... openat resumed>) = 3 [pid 5060] rmdir("./1/bus" [pid 5061] newfstatat(3, "", [pid 5065] mkdir("./2", 0777 [pid 5062] <... rmdir resumed>) = 0 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] mkdir("./2", 0777 [pid 5061] getdents64(3, [pid 5060] <... rmdir resumed>) = 0 [pid 5063] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5062] <... mkdir resumed>) = 0 [pid 5061] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] <... openat resumed>) = 4 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5063] newfstatat(4, "", [pid 5062] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5061] newfstatat(AT_FDCWD, "./1/bus", [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... openat resumed>) = 3 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] <... openat resumed>) = 3 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5063] getdents64(4, [pid 5062] ioctl(3, LOOP_CLR_FD [pid 5061] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] close(3 [pid 5063] getdents64(4, [pid 5062] close(3 [pid 5061] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... close resumed>) = 0 [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5062] <... close resumed>) = 0 [pid 5061] <... openat resumed>) = 4 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5061] newfstatat(4, "", [pid 5060] unlink("./1/binderfs" [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... clone resumed>, child_tidptr=0x5555565f3650) = 5097 [pid 5060] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5097 attached [pid 5061] getdents64(4, 0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] set_robust_list(0x5555565f3660, 24 [pid 5061] close(4) = 0 [pid 5061] rmdir("./1/bus") = 0 [pid 5061] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] <... set_robust_list resumed>) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5098 attached [pid 5097] chdir("./2" [pid 5065] <... clone resumed>, child_tidptr=0x5555565f3650) = 5098 [pid 5061] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5098] set_robust_list(0x5555565f3660, 24 [pid 5061] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5098] <... set_robust_list resumed>) = 0 [pid 5061] unlink("./1/binderfs" [pid 5098] chdir("./2" [pid 5061] <... unlink resumed>) = 0 [pid 5063] close(4 [pid 5061] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] <... chdir resumed>) = 0 [pid 5097] <... chdir resumed>) = 0 [pid 5063] <... close resumed>) = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5063] rmdir("./1/bus" [pid 5060] <... umount2 resumed>) = 0 [pid 5097] setpgid(0, 0 [pid 5098] setpgid(0, 0) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5097] <... setpgid resumed>) = 0 [pid 5060] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] <... openat resumed>) = 3 [pid 5097] <... openat resumed>) = 3 [pid 5063] <... rmdir resumed>) = 0 [pid 5098] write(3, "1000", 4 [pid 5097] write(3, "1000", 4 [pid 5063] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... umount2 resumed>) = 0 [pid 5060] newfstatat(AT_FDCWD, "./1/file0", [pid 5098] <... write resumed>) = 4 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] close(3 [pid 5063] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5098] <... close resumed>) = 0 [pid 5097] <... write resumed>) = 4 [pid 5063] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5097] close(3 [pid 5061] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] <... close resumed>) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5097] symlink("/dev/binderfs", "./binderfs" [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] symlink("/dev/binderfs", "./binderfs" [pid 5063] unlink("./1/binderfs" [pid 5098] <... symlink resumed>) = 0 [pid 5063] <... unlink resumed>) = 0 [pid 5098] memfd_create("syzkaller", 0 [pid 5063] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5098] <... memfd_create resumed>) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5097] <... symlink resumed>) = 0 [pid 5061] newfstatat(AT_FDCWD, "./1/file0", [pid 5060] <... openat resumed>) = 4 [pid 5098] <... mmap resumed>) = 0x7f753d06e000 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] newfstatat(4, "", [pid 5097] memfd_create("syzkaller", 0 [pid 5061] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] <... memfd_create resumed>) = 3 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5061] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] getdents64(4, [pid 5097] <... mmap resumed>) = 0x7f753d06e000 [pid 5061] <... openat resumed>) = 4 [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] getdents64(4, [pid 5063] <... umount2 resumed>) = 0 [pid 5061] newfstatat(4, "", [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5063] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] close(4 [pid 5061] getdents64(4, [pid 5060] <... close resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] rmdir("./1/file0" [pid 5061] getdents64(4, [pid 5063] newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] <... rmdir resumed>) = 0 [pid 5063] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] close(4 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] getdents64(3, [pid 5063] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... close resumed>) = 0 [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5061] rmdir("./1/file0" [pid 5063] <... openat resumed>) = 4 [pid 5061] <... rmdir resumed>) = 0 [pid 5060] close(3 [pid 5061] getdents64(3, [pid 5060] <... close resumed>) = 0 [pid 5063] newfstatat(4, "", [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5060] rmdir("./1" [pid 5061] close(3 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... close resumed>) = 0 [pid 5063] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5061] rmdir("./1" [pid 5060] <... rmdir resumed>) = 0 [pid 5063] getdents64(4, 0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] <... rmdir resumed>) = 0 [pid 5060] mkdir("./2", 0777 [pid 5061] mkdir("./2", 0777 [pid 5063] close(4) = 0 [pid 5060] <... mkdir resumed>) = 0 [pid 5063] rmdir("./1/file0") = 0 [pid 5063] getdents64(3, 0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5061] <... mkdir resumed>) = 0 [pid 5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5063] close(3) = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5060] <... openat resumed>) = 3 [pid 5063] rmdir("./1" [pid 5060] ioctl(3, LOOP_CLR_FD [pid 5061] <... openat resumed>) = 3 [pid 5063] <... rmdir resumed>) = 0 [pid 5061] ioctl(3, LOOP_CLR_FD [pid 5060] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] mkdir("./2", 0777 [pid 5061] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5060] close(3) = 0 [pid 5061] close(3 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] <... mkdir resumed>) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD [pid 5061] <... close resumed>) = 0 [pid 5063] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] <... clone resumed>, child_tidptr=0x5555565f3650) = 5099 ./strace-static-x86_64: Process 5099 attached [pid 5063] close(3 [pid 5099] set_robust_list(0x5555565f3660, 24 [pid 5063] <... close resumed>) = 0 [pid 5099] <... set_robust_list resumed>) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5100 attached [pid 5099] chdir("./2"./strace-static-x86_64: Process 5101 attached ) = 0 [pid 5061] <... clone resumed>, child_tidptr=0x5555565f3650) = 5100 [pid 5101] set_robust_list(0x5555565f3660, 24 [pid 5100] set_robust_list(0x5555565f3660, 24 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5100] <... set_robust_list resumed>) = 0 [pid 5100] chdir("./2" [pid 5063] <... clone resumed>, child_tidptr=0x5555565f3650) = 5101 [pid 5099] <... prctl resumed>) = 0 [pid 5101] <... set_robust_list resumed>) = 0 [pid 5099] setpgid(0, 0 [pid 5101] chdir("./2" [pid 5099] <... setpgid resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5101] <... chdir resumed>) = 0 [pid 5099] write(3, "1000", 4) = 4 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5099] close(3 [pid 5101] <... prctl resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5101] setpgid(0, 0 [pid 5099] symlink("/dev/binderfs", "./binderfs" [pid 5101] <... setpgid resumed>) = 0 [pid 5099] <... symlink resumed>) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5100] <... chdir resumed>) = 0 [pid 5099] memfd_create("syzkaller", 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5101] <... openat resumed>) = 3 [pid 5100] setpgid(0, 0 [pid 5099] <... memfd_create resumed>) = 3 [pid 5101] write(3, "1000", 4 [pid 5100] <... setpgid resumed>) = 0 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5099] <... mmap resumed>) = 0x7f753d06e000 [pid 5101] <... write resumed>) = 4 [pid 5100] <... openat resumed>) = 3 [pid 5101] close(3) = 0 [pid 5101] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5100] write(3, "1000", 4) = 4 [pid 5101] memfd_create("syzkaller", 0) = 3 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5100] close(3 [pid 5101] <... mmap resumed>) = 0x7f753d06e000 [pid 5100] <... close resumed>) = 0 [pid 5100] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5100] memfd_create("syzkaller", 0) = 3 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5096] <... write resumed>) = 4194304 [pid 5096] munmap(0x7f753d06e000, 138412032) = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5096] ioctl(4, LOOP_SET_FD, 3 [pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5097] <... write resumed>) = 4194304 [pid 5096] <... ioctl resumed>) = 0 [pid 5096] close(3) = 0 [pid 5096] mkdir("./bus", 0777) = 0 [pid 5097] munmap(0x7f753d06e000, 138412032 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5097] <... munmap resumed>) = 0 [pid 5096] mount("/dev/loop4", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5097] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 60.000779][ T5096] loop4: detected capacity change from 0 to 8192 [pid 5097] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... write resumed>) = 4194304 [pid 5097] <... ioctl resumed>) = 0 [pid 5098] munmap(0x7f753d06e000, 138412032) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5097] close(3) = 0 [pid 5097] mkdir("./bus", 0777 [pid 5098] <... openat resumed>) = 4 [pid 5097] <... mkdir resumed>) = 0 [pid 5098] ioctl(4, LOOP_SET_FD, 3 [ 60.057716][ T5097] loop2: detected capacity change from 0 to 8192 [ 60.058156][ T5096] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5097] mount("/dev/loop2", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5098] <... ioctl resumed>) = 0 [pid 5098] close(3 [pid 5100] <... write resumed>) = 4194304 [pid 5098] <... close resumed>) = 0 [pid 5100] munmap(0x7f753d06e000, 138412032 [pid 5098] mkdir("./bus", 0777 [pid 5100] <... munmap resumed>) = 0 [pid 5098] <... mkdir resumed>) = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 60.105973][ T5098] loop5: detected capacity change from 0 to 8192 [ 60.122207][ T5096] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 60.135310][ T5097] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.138094][ T5100] loop1: detected capacity change from 0 to 8192 [pid 5100] ioctl(4, LOOP_SET_FD, 3 [pid 5098] mount("/dev/loop5", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5099] <... write resumed>) = 4194304 [pid 5099] munmap(0x7f753d06e000, 138412032 [pid 5101] <... write resumed>) = 4194304 [pid 5100] <... ioctl resumed>) = 0 [pid 5099] <... munmap resumed>) = 0 [ 60.148930][ T5097] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 60.164867][ T5097] REISERFS (device loop2): using ordered data mode [ 60.174099][ T5097] REISERFS warning (device loop2): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 60.179848][ T5096] REISERFS (device loop4): using ordered data mode [ 60.187665][ T5097] REISERFS warning (device loop2): sh-462 journal_init: unable to initialize journal device [pid 5101] munmap(0x7f753d06e000, 138412032 [pid 5100] close(3 [pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5101] <... munmap resumed>) = 0 [pid 5100] <... close resumed>) = 0 [pid 5099] <... openat resumed>) = 4 [pid 5097] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 60.194621][ T5096] REISERFS warning (device loop4): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 60.205664][ T5097] REISERFS warning (device loop2): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 60.213850][ T5096] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 60.234336][ T5098] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.234752][ T5099] loop0: detected capacity change from 0 to 8192 [pid 5101] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5100] mkdir("./bus", 0777 [pid 5099] ioctl(4, LOOP_SET_FD, 3 [pid 5097] ioctl(4, LOOP_CLR_FD [pid 5101] <... openat resumed>) = 4 [pid 5100] <... mkdir resumed>) = 0 [ 60.248163][ T5101] loop3: detected capacity change from 0 to 8192 [ 60.256427][ T5096] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 60.271975][ T5098] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 60.286002][ T5098] REISERFS (device loop5): using ordered data mode [ 60.287588][ T5099] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5101] ioctl(4, LOOP_SET_FD, 3 [pid 5100] mount("/dev/loop1", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5099] <... ioctl resumed>) = 0 [pid 5101] <... ioctl resumed>) = 0 [pid 5099] close(3) = 0 [pid 5101] close(3 [pid 5099] mkdir("./bus", 0777 [pid 5101] <... close resumed>) = 0 [pid 5101] mkdir("./bus", 0777 [pid 5099] <... mkdir resumed>) = 0 [pid 5099] mount("/dev/loop0", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5101] <... mkdir resumed>) = 0 [pid 5101] mount("/dev/loop3", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5096] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 60.305928][ T5098] REISERFS warning (device loop5): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 60.307650][ T5100] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.317091][ T5098] REISERFS warning (device loop5): sh-462 journal_init: unable to initialize journal device [ 60.334325][ T5101] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.340366][ T5099] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 60.355273][ T5100] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 60.362980][ T5099] REISERFS (device loop0): using ordered data mode [ 60.380298][ T5099] REISERFS warning (device loop0): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 60.391401][ T5099] REISERFS warning (device loop0): sh-462 journal_init: unable to initialize journal device [pid 5096] ioctl(4, LOOP_CLR_FD [pid 5099] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5099] ioctl(4, LOOP_CLR_FD [pid 5097] <... ioctl resumed>) = 0 [pid 5098] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 60.403829][ T5099] REISERFS warning (device loop0): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 60.404504][ T5101] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 60.417527][ T5098] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 60.434908][ T5100] REISERFS (device loop1): using ordered data mode [ 60.443503][ T5100] REISERFS warning (device loop1): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5098] ioctl(4, LOOP_CLR_FD [pid 5100] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5097] close(4 [pid 5100] ioctl(4, LOOP_CLR_FD [pid 5097] <... close resumed>) = 0 [pid 5097] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5097] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5097] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5097] memfd_create("syzkaller", 0) = 4 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [ 60.455012][ T5100] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 60.467602][ T5100] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 60.479355][ T5101] REISERFS (device loop3): using ordered data mode [ 60.488602][ T5101] REISERFS warning (device loop3): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5096] <... ioctl resumed>) = 0 [pid 5097] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5096] close(4) = 0 [pid 5096] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5096] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5097] <... write resumed>) = 131072 [pid 5096] <... openat resumed>) = 3 [pid 5096] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5096] memfd_create("syzkaller", 0) = 4 [pid 5097] munmap(0x7f753d06e000, 138412032 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5096] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5097] <... munmap resumed>) = 0 [pid 5096] <... write resumed>) = 131072 [pid 5097] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5096] munmap(0x7f753d06e000, 138412032 [pid 5097] <... openat resumed>) = 5 [pid 5096] <... munmap resumed>) = 0 [pid 5097] ioctl(5, LOOP_SET_FD, 4 [pid 5096] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5096] ioctl(5, LOOP_SET_FD, 4 [pid 5101] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 60.519589][ T5101] REISERFS warning (device loop3): sh-462 journal_init: unable to initialize journal device [ 60.546609][ T5101] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5101] ioctl(4, LOOP_CLR_FD [pid 5100] <... ioctl resumed>) = 0 [pid 5096] <... ioctl resumed>) = 0 [pid 5100] close(4) = 0 [pid 5097] <... ioctl resumed>) = 0 [pid 5100] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5100] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5096] close(4 [pid 5100] <... openat resumed>) = 3 [pid 5096] <... close resumed>) = 0 [pid 5100] read(3, [pid 5096] mkdir("./file0", 0777 [pid 5100] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5096] <... mkdir resumed>) = 0 [pid 5100] memfd_create("syzkaller", 0 [pid 5097] close(4 [pid 5096] mount("/dev/loop4", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5097] <... close resumed>) = 0 [pid 5097] mkdir("./file0", 0777) = 0 [pid 5100] <... memfd_create resumed>) = 4 [pid 5096] <... mount resumed>) = 0 [ 60.578734][ T5097] loop2: detected capacity change from 0 to 256 [ 60.586656][ T5096] loop4: detected capacity change from 0 to 256 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5097] mount("/dev/loop2", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5100] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5096] <... openat resumed>) = 4 [pid 5096] chdir("./file0") = 0 [pid 5097] <... mount resumed>) = 0 [pid 5096] ioctl(5, LOOP_CLR_FD [pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5096] <... ioctl resumed>) = 0 [pid 5097] <... openat resumed>) = 4 [pid 5096] close(5 [pid 5097] chdir("./file0" [pid 5096] <... close resumed>) = 0 [pid 5097] <... chdir resumed>) = 0 [pid 5096] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5097] ioctl(5, LOOP_CLR_FD [pid 5096] <... openat resumed>) = 5 [pid 5097] <... ioctl resumed>) = 0 [pid 5096] read(5, [pid 5100] <... write resumed>) = 131072 [pid 5097] close(5 [pid 5096] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5096] read(5, [pid 5097] <... close resumed>) = 0 [pid 5096] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5097] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 5 [pid 5096] creat("./bus", 000 [pid 5097] read(5, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5100] munmap(0x7f753d06e000, 138412032 [pid 5097] read(5, [pid 5096] <... creat resumed>) = 6 [pid 5097] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5096] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5097] creat("./bus", 000 [pid 5096] <... mount resumed>) = 0 [pid 5097] <... creat resumed>) = 6 [pid 5097] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5096] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 7 [pid 5097] <... mount resumed>) = 0 [pid 5097] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5096] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5097] <... open resumed>) = 7 [pid 5096] <... pwritev2 resumed>) = -1 ENOSPC (No space left on device) [pid 5097] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5096] exit_group(0 [pid 5097] <... pwritev2 resumed>) = -1 ENOSPC (No space left on device) [pid 5097] exit_group(0 [pid 5096] <... exit_group resumed>) = ? [pid 5100] <... munmap resumed>) = 0 [pid 5097] <... exit_group resumed>) = ? [pid 5100] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5097] +++ exited with 0 +++ [pid 5096] +++ exited with 0 +++ [pid 5100] ioctl(5, LOOP_SET_FD, 4 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5062] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5062] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... openat resumed>) = 3 [pid 5064] <... openat resumed>) = 3 [pid 5062] newfstatat(3, "", [pid 5064] newfstatat(3, "", [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] getdents64(3, [pid 5064] getdents64(3, [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5064] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5100] <... ioctl resumed>) = 0 [pid 5064] newfstatat(AT_FDCWD, "./2/bus", [pid 5100] close(4 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5101] <... ioctl resumed>) = 0 [pid 5100] <... close resumed>) = 0 [pid 5098] <... ioctl resumed>) = 0 [pid 5064] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5100] mkdir("./file0", 0777 [pid 5099] <... ioctl resumed>) = 0 [pid 5098] close(4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] newfstatat(AT_FDCWD, "./2/bus", [pid 5064] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] newfstatat(4, "", [pid 5100] <... mkdir resumed>) = 0 [pid 5098] <... close resumed>) = 0 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5100] mount("/dev/loop1", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5098] read(-1, [pid 5064] getdents64(4, [pid 5062] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5101] close(4 [pid 5098] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5101] <... close resumed>) = 0 [pid 5099] close(4 [pid 5098] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5064] getdents64(4, [pid 5062] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5101] read(-1, [pid 5099] <... close resumed>) = 0 [pid 5098] <... openat resumed>) = 3 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5062] <... openat resumed>) = 4 [pid 5101] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5099] read(-1, [pid 5098] read(3, [pid 5064] close(4 [pid 5062] newfstatat(4, "", [pid 5101] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5098] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5064] <... close resumed>) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5101] <... openat resumed>) = 3 [pid 5099] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5098] memfd_create("syzkaller", 0 [pid 5064] rmdir("./2/bus" [pid 5062] getdents64(4, [pid 5101] read(3, [pid 5100] <... mount resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5098] <... memfd_create resumed>) = 4 [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5101] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5099] <... openat resumed>) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5062] getdents64(4, [pid 5101] memfd_create("syzkaller", 0 [pid 5100] <... openat resumed>) = 4 [pid 5099] read(3, [pid 5098] <... mmap resumed>) = 0x7f753d06e000 [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5101] <... memfd_create resumed>) = 4 [pid 5100] chdir("./file0" [pid 5064] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] close(4 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5100] <... chdir resumed>) = 0 [pid 5098] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... close resumed>) = 0 [pid 5101] <... mmap resumed>) = 0x7f753d06e000 [pid 5100] ioctl(5, LOOP_CLR_FD [pid 5099] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5064] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5062] rmdir("./2/bus" [pid 5100] <... ioctl resumed>) = 0 [pid 5099] memfd_create("syzkaller", 0 [pid 5098] <... write resumed>) = 131072 [pid 5100] close(5 [pid 5099] <... memfd_create resumed>) = 4 [pid 5098] munmap(0x7f753d06e000, 138412032 [pid 5064] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... rmdir resumed>) = 0 [pid 5100] <... close resumed>) = 0 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] unlink("./2/binderfs" [pid 5101] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5100] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5099] <... mmap resumed>) = 0x7f753d06e000 [pid 5098] <... munmap resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5062] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5101] <... write resumed>) = 131072 [pid 5100] <... openat resumed>) = 5 [pid 5099] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5098] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... write resumed>) = 131072 [pid 5098] <... openat resumed>) = 5 [pid 5098] ioctl(5, LOOP_SET_FD, 4 [pid 5062] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5101] munmap(0x7f753d06e000, 138412032 [pid 5100] read(5, [pid 5064] <... umount2 resumed>) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5101] <... munmap resumed>) = 0 [pid 5099] munmap(0x7f753d06e000, 138412032) = 0 [ 60.703625][ T5100] loop1: detected capacity change from 0 to 256 [pid 5101] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5099] ioctl(5, LOOP_SET_FD, 4 [pid 5101] ioctl(5, LOOP_SET_FD, 4 [pid 5100] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5099] <... ioctl resumed>) = 0 [pid 5098] <... ioctl resumed>) = 0 [pid 5100] read(5, [pid 5098] close(4 [pid 5062] unlink("./2/binderfs" [pid 5100] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5098] <... close resumed>) = 0 [pid 5100] creat("./bus", 000 [pid 5098] mkdir("./file0", 0777 [pid 5100] <... creat resumed>) = 6 [pid 5062] <... unlink resumed>) = 0 [pid 5062] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] <... mkdir resumed>) = 0 [pid 5100] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5098] mount("/dev/loop5", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5100] <... mount resumed>) = 0 [pid 5100] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 7 [pid 5100] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5099] close(4) = 0 [pid 5099] mkdir("./file0", 0777) = 0 [pid 5100] <... pwritev2 resumed>) = 125952 [pid 5099] mount("/dev/loop0", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5098] <... mount resumed>) = 0 [pid 5062] <... umount2 resumed>) = 0 [pid 5100] exit_group(0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5100] <... exit_group resumed>) = ? [pid 5098] <... openat resumed>) = 4 [pid 5098] chdir("./file0" [pid 5100] +++ exited with 0 +++ [pid 5064] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] <... chdir resumed>) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5098] ioctl(5, LOOP_CLR_FD [pid 5064] newfstatat(AT_FDCWD, "./2/file0", [pid 5062] newfstatat(AT_FDCWD, "./2/file0", [pid 5098] <... ioctl resumed>) = 0 [ 60.763546][ T5098] loop5: detected capacity change from 0 to 256 [ 60.775198][ T5099] loop0: detected capacity change from 0 to 256 [ 60.776389][ T5101] loop3: detected capacity change from 0 to 256 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5098] close(5 [pid 5062] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... mount resumed>) = 0 [pid 5098] <... close resumed>) = 0 [pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5098] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5099] <... openat resumed>) = 4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5099] chdir("./file0" [pid 5098] <... openat resumed>) = 5 [pid 5064] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... openat resumed>) = 4 [pid 5061] <... openat resumed>) = 3 [pid 5101] <... ioctl resumed>) = 0 [pid 5099] <... chdir resumed>) = 0 [pid 5098] read(5, [pid 5064] <... openat resumed>) = 4 [pid 5062] newfstatat(4, "", [pid 5061] newfstatat(3, "", [pid 5101] close(4 [pid 5099] ioctl(5, LOOP_CLR_FD [pid 5098] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5064] newfstatat(4, "", [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5101] <... close resumed>) = 0 [pid 5099] <... ioctl resumed>) = 0 [pid 5098] read(5, [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] getdents64(4, [pid 5061] getdents64(3, [pid 5101] mkdir("./file0", 0777 [pid 5099] close(5 [pid 5098] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5064] getdents64(4, [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5101] <... mkdir resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5098] creat("./bus", 000 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] getdents64(4, [pid 5061] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5099] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5098] <... creat resumed>) = 6 [pid 5064] getdents64(4, [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... openat resumed>) = 5 [pid 5098] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5062] close(4 [pid 5061] newfstatat(AT_FDCWD, "./2/bus", [pid 5101] mount("/dev/loop3", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5099] read(5, [pid 5098] <... mount resumed>) = 0 [pid 5064] close(4 [pid 5062] <... close resumed>) = 0 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5099] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5098] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5064] <... close resumed>) = 0 [pid 5062] rmdir("./2/file0" [pid 5061] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5099] read(5, [pid 5098] <... open resumed>) = 7 [pid 5064] rmdir("./2/file0" [pid 5062] <... rmdir resumed>) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5098] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5064] <... rmdir resumed>) = 0 [pid 5062] getdents64(3, [pid 5061] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5099] creat("./bus", 000 [pid 5064] getdents64(3, [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5061] <... openat resumed>) = 4 [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5062] close(3 [pid 5099] <... creat resumed>) = -1 ENOSPC (No space left on device) [pid 5064] close(3 [pid 5062] <... close resumed>) = 0 [pid 5061] newfstatat(4, "", [pid 5099] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5064] <... close resumed>) = 0 [pid 5062] rmdir("./2" [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5099] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5064] rmdir("./2" [pid 5062] <... rmdir resumed>) = 0 [pid 5061] getdents64(4, [pid 5099] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5064] <... rmdir resumed>) = 0 [pid 5062] mkdir("./3", 0777 [pid 5101] <... mount resumed>) = 0 [pid 5099] <... open resumed>) = -1 ENOSPC (No space left on device) [pid 5064] mkdir("./3", 0777 [pid 5062] <... mkdir resumed>) = 0 [pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5099] pwritev2(-1, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5064] <... mkdir resumed>) = 0 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5064] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5061] getdents64(4, [pid 5064] <... openat resumed>) = 3 [pid 5062] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5062] <... openat resumed>) = 3 [pid 5061] close(4 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5061] <... close resumed>) = 0 [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5062] ioctl(3, LOOP_CLR_FD [pid 5061] rmdir("./2/bus" [pid 5064] close(3 [pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5061] <... rmdir resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5062] close(3 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] <... close resumed>) = 0 [pid 5061] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5101] <... openat resumed>) = 4 [pid 5099] <... pwritev2 resumed>) = -1 EBADF (Bad file descriptor) [pid 5098] <... pwritev2 resumed>) = 125952 [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5108 attached [pid 5061] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5108] set_robust_list(0x5555565f3660, 24 [pid 5061] unlink("./2/binderfs") = 0 [pid 5108] <... set_robust_list resumed>) = 0 [pid 5099] exit_group(0 [pid 5061] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5108] chdir("./3" [pid 5101] chdir("./file0" [pid 5099] <... exit_group resumed>) = ? [pid 5098] exit_group(0 [pid 5108] <... chdir resumed>) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x5555565f3650) = 5108 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5108] setpgid(0, 0 [pid 5062] <... clone resumed>, child_tidptr=0x5555565f3650) = 5109 ./strace-static-x86_64: Process 5109 attached [pid 5108] <... setpgid resumed>) = 0 [pid 5101] <... chdir resumed>) = 0 [pid 5099] +++ exited with 0 +++ [pid 5098] <... exit_group resumed>) = ? [pid 5109] set_robust_list(0x5555565f3660, 24 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5101] ioctl(5, LOOP_CLR_FD [pid 5061] <... umount2 resumed>) = 0 [pid 5060] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5108] <... openat resumed>) = 3 [pid 5060] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5109] <... set_robust_list resumed>) = 0 [pid 5098] +++ exited with 0 +++ [pid 5101] <... ioctl resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5060] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] chdir("./3" [pid 5108] write(3, "1000", 4 [pid 5101] close(5 [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] <... chdir resumed>) = 0 [pid 5101] <... close resumed>) = 0 [pid 5065] <... restart_syscall resumed>) = 0 [pid 5060] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5108] <... write resumed>) = 4 [pid 5101] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5060] <... openat resumed>) = 3 [pid 5109] <... prctl resumed>) = 0 [pid 5108] close(3 [pid 5061] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] newfstatat(3, "", [pid 5108] <... close resumed>) = 0 [pid 5065] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5109] setpgid(0, 0 [pid 5108] symlink("/dev/binderfs", "./binderfs" [pid 5101] <... openat resumed>) = 5 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] getdents64(3, [pid 5109] <... setpgid resumed>) = 0 [pid 5108] <... symlink resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] newfstatat(AT_FDCWD, "./2/file0", [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5108] memfd_create("syzkaller", 0 [pid 5101] read(5, [pid 5065] <... openat resumed>) = 3 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] <... openat resumed>) = 3 [pid 5065] newfstatat(3, "", [pid 5061] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] write(3, "1000", 4 [pid 5108] <... memfd_create resumed>) = 3 [pid 5101] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] newfstatat(AT_FDCWD, "./2/bus", [pid 5109] <... write resumed>) = 4 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] read(5, [pid 5065] getdents64(3, [pid 5061] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5109] close(3 [pid 5108] <... mmap resumed>) = 0x7f753d06e000 [pid 5101] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5061] <... openat resumed>) = 4 [pid 5060] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] <... close resumed>) = 0 [pid 5101] creat("./bus", 000 [pid 5065] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5109] symlink("/dev/binderfs", "./binderfs" [pid 5065] newfstatat(AT_FDCWD, "./2/bus", [pid 5061] newfstatat(4, "", [pid 5101] <... creat resumed>) = 6 [pid 5109] <... symlink resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] memfd_create("syzkaller", 0 [pid 5101] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5065] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] getdents64(4, [pid 5060] <... openat resumed>) = 4 [pid 5109] <... memfd_create resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] <... mount resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] newfstatat(4, "", [pid 5109] <... mmap resumed>) = 0x7f753d06e000 [pid 5101] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5065] <... openat resumed>) = 4 [pid 5061] getdents64(4, [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] newfstatat(4, "", [pid 5060] getdents64(4, [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] getdents64(4, [pid 5065] getdents64(4, [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] close(4 [pid 5065] close(4 [pid 5060] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5060] rmdir("./2/bus" [pid 5101] <... open resumed>) = 7 [pid 5065] rmdir("./2/bus" [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5101] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5065] <... rmdir resumed>) = 0 [pid 5061] close(4 [pid 5060] <... rmdir resumed>) = 0 [pid 5101] <... pwritev2 resumed>) = 125952 [pid 5065] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... close resumed>) = 0 [pid 5101] exit_group(0 [pid 5061] rmdir("./2/file0" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5101] <... exit_group resumed>) = ? [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] <... rmdir resumed>) = 0 [pid 5060] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] unlink("./2/binderfs" [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5061] getdents64(3, [pid 5060] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5101] +++ exited with 0 +++ [pid 5065] <... unlink resumed>) = 0 [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5060] unlink("./2/binderfs" [pid 5063] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... unlink resumed>) = 0 [pid 5065] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5061] close(3 [pid 5063] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5061] <... close resumed>) = 0 [pid 5063] newfstatat(AT_FDCWD, "./2/bus", [pid 5061] rmdir("./2" [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... rmdir resumed>) = 0 [pid 5063] <... openat resumed>) = 4 [pid 5061] mkdir("./3", 0777 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5061] <... mkdir resumed>) = 0 [pid 5063] getdents64(4, 0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5063] close(4) = 0 [pid 5063] rmdir("./2/bus" [pid 5061] <... openat resumed>) = 3 [pid 5063] <... rmdir resumed>) = 0 [pid 5061] ioctl(3, LOOP_CLR_FD [pid 5063] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5061] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5061] close(3 [pid 5063] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] <... close resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] <... umount2 resumed>) = 0 [pid 5065] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] unlink("./2/binderfs") = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5061] <... clone resumed>, child_tidptr=0x5555565f3650) = 5110 [pid 5065] rmdir("./2/file0"./strace-static-x86_64: Process 5110 attached ) = 0 [pid 5060] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] set_robust_list(0x5555565f3660, 24) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5110] chdir("./3" [pid 5065] getdents64(3, [pid 5060] newfstatat(AT_FDCWD, "./2/file0", [pid 5110] <... chdir resumed>) = 0 [pid 5063] <... umount2 resumed>) = 0 [pid 5063] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5063] newfstatat(4, "", [pid 5110] <... prctl resumed>) = 0 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5065] close(3 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] setpgid(0, 0 [pid 5065] <... close resumed>) = 0 [pid 5063] getdents64(4, [pid 5110] <... setpgid resumed>) = 0 [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5065] rmdir("./2" [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... rmdir resumed>) = 0 [pid 5063] getdents64(4, [pid 5060] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] mkdir("./3", 0777 [pid 5110] <... openat resumed>) = 3 [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5110] write(3, "1000", 4 [pid 5060] <... openat resumed>) = 4 [pid 5110] <... write resumed>) = 4 [pid 5060] newfstatat(4, "", [pid 5110] close(3 [pid 5065] <... mkdir resumed>) = 0 [pid 5063] close(4 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5110] <... close resumed>) = 0 [pid 5060] getdents64(4, [pid 5110] symlink("/dev/binderfs", "./binderfs" [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5110] <... symlink resumed>) = 0 [pid 5063] <... close resumed>) = 0 [pid 5060] getdents64(4, [pid 5063] rmdir("./2/file0" [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5110] memfd_create("syzkaller", 0 [pid 5063] <... rmdir resumed>) = 0 [pid 5110] <... memfd_create resumed>) = 3 [pid 5063] getdents64(3, [pid 5060] close(4 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5060] <... close resumed>) = 0 [pid 5110] <... mmap resumed>) = 0x7f753d06e000 [pid 5063] close(3 [pid 5060] rmdir("./2/file0" [pid 5063] <... close resumed>) = 0 [pid 5063] rmdir("./2" [pid 5065] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5063] <... rmdir resumed>) = 0 [pid 5060] <... rmdir resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5063] mkdir("./3", 0777) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] close(3 [pid 5063] <... openat resumed>) = 3 [pid 5065] <... close resumed>) = 0 [pid 5063] ioctl(3, LOOP_CLR_FD [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] getdents64(3, [pid 5065] <... clone resumed>, child_tidptr=0x5555565f3650) = 5111 [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5111 attached [pid 5063] <... clone resumed>, child_tidptr=0x5555565f3650) = 5112 [pid 5060] close(3./strace-static-x86_64: Process 5112 attached [pid 5111] set_robust_list(0x5555565f3660, 24) = 0 [pid 5111] chdir("./3") = 0 [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5111] setpgid(0, 0) = 0 [pid 5060] <... close resumed>) = 0 [pid 5112] set_robust_list(0x5555565f3660, 24 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] rmdir("./2" [pid 5111] <... openat resumed>) = 3 [pid 5111] write(3, "1000", 4) = 4 [pid 5111] close(3) = 0 [pid 5111] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5111] memfd_create("syzkaller", 0) = 3 [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5112] <... set_robust_list resumed>) = 0 [pid 5060] <... rmdir resumed>) = 0 [pid 5112] chdir("./3" [pid 5060] mkdir("./3", 0777 [pid 5112] <... chdir resumed>) = 0 [pid 5060] <... mkdir resumed>) = 0 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5112] setpgid(0, 0) = 0 [pid 5060] <... openat resumed>) = 3 [pid 5060] ioctl(3, LOOP_CLR_FD [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5112] <... openat resumed>) = 3 [pid 5060] close(3 [pid 5112] write(3, "1000", 4 [pid 5060] <... close resumed>) = 0 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5113 attached [pid 5112] <... write resumed>) = 4 [pid 5113] set_robust_list(0x5555565f3660, 24 [pid 5112] close(3 [pid 5060] <... clone resumed>, child_tidptr=0x5555565f3650) = 5113 [pid 5113] <... set_robust_list resumed>) = 0 [pid 5112] <... close resumed>) = 0 [pid 5113] chdir("./3" [pid 5112] symlink("/dev/binderfs", "./binderfs" [pid 5113] <... chdir resumed>) = 0 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5112] <... symlink resumed>) = 0 [pid 5113] <... prctl resumed>) = 0 [pid 5113] setpgid(0, 0 [pid 5112] memfd_create("syzkaller", 0 [pid 5113] <... setpgid resumed>) = 0 [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5113] write(3, "1000", 4 [pid 5112] <... memfd_create resumed>) = 3 [pid 5113] <... write resumed>) = 4 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5113] close(3 [pid 5112] <... mmap resumed>) = 0x7f753d06e000 [pid 5113] <... close resumed>) = 0 [pid 5113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5113] memfd_create("syzkaller", 0) = 3 [pid 5109] <... write resumed>) = 4194304 [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5109] munmap(0x7f753d06e000, 138412032 [pid 5108] <... write resumed>) = 4194304 [pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5109] <... munmap resumed>) = 0 [pid 5109] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5109] ioctl(4, LOOP_SET_FD, 3 [pid 5108] munmap(0x7f753d06e000, 138412032) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5108] ioctl(4, LOOP_SET_FD, 3 [pid 5109] <... ioctl resumed>) = 0 [pid 5109] close(3) = 0 [pid 5109] mkdir("./bus", 0777) = 0 [pid 5109] mount("/dev/loop2", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5108] <... ioctl resumed>) = 0 [ 61.193653][ T5109] loop2: detected capacity change from 0 to 8192 [ 61.211832][ T5108] loop4: detected capacity change from 0 to 8192 [pid 5108] close(3) = 0 [pid 5108] mkdir("./bus", 0777) = 0 [ 61.246031][ T5109] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.265048][ T5108] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5108] mount("/dev/loop4", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5110] <... write resumed>) = 4194304 [ 61.304481][ T5109] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 61.314331][ T5109] REISERFS (device loop2): using ordered data mode [ 61.318422][ T5108] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5111] <... write resumed>) = 4194304 [pid 5111] munmap(0x7f753d06e000, 138412032 [pid 5110] munmap(0x7f753d06e000, 138412032 [pid 5111] <... munmap resumed>) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5110] <... munmap resumed>) = 0 [ 61.347473][ T5109] REISERFS warning (device loop2): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5111] <... openat resumed>) = 4 [pid 5110] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5110] ioctl(4, LOOP_SET_FD, 3 [pid 5111] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5111] close(3) = 0 [pid 5111] mkdir("./bus", 0777 [pid 5110] <... ioctl resumed>) = 0 [pid 5111] <... mkdir resumed>) = 0 [pid 5110] close(3) = 0 [pid 5111] mount("/dev/loop5", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5110] mkdir("./bus", 0777 [pid 5112] <... write resumed>) = 4194304 [ 61.377089][ T5110] loop1: detected capacity change from 0 to 8192 [ 61.385353][ T5111] loop5: detected capacity change from 0 to 8192 [ 61.392001][ T5108] REISERFS (device loop4): using ordered data mode [ 61.408570][ T5108] REISERFS warning (device loop4): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5110] <... mkdir resumed>) = 0 [pid 5110] mount("/dev/loop1", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [ 61.415751][ T5109] REISERFS warning (device loop2): sh-462 journal_init: unable to initialize journal device [ 61.420612][ T5111] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.443493][ T5108] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 61.456717][ T5110] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5112] munmap(0x7f753d06e000, 138412032) = 0 [pid 5112] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5108] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5112] <... openat resumed>) = 4 [pid 5112] ioctl(4, LOOP_SET_FD, 3 [pid 5108] ioctl(4, LOOP_CLR_FD [pid 5112] <... ioctl resumed>) = 0 [pid 5112] close(3) = 0 [ 61.458329][ T5108] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 61.474127][ T5109] REISERFS warning (device loop2): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 61.481383][ T5110] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 61.500858][ T5110] REISERFS (device loop1): using ordered data mode [ 61.505347][ T5112] loop3: detected capacity change from 0 to 8192 [ 61.515991][ T5111] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5112] mkdir("./bus", 0777) = 0 [pid 5113] <... write resumed>) = 4194304 [pid 5113] munmap(0x7f753d06e000, 138412032) = 0 [pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5112] mount("/dev/loop3", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5113] <... openat resumed>) = 4 [ 61.516276][ T5110] REISERFS warning (device loop1): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 61.536247][ T5110] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 61.546934][ T5111] REISERFS (device loop5): using ordered data mode [ 61.548536][ T5110] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 61.559100][ T5113] loop0: detected capacity change from 0 to 8192 [pid 5113] ioctl(4, LOOP_SET_FD, 3 [pid 5109] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5113] <... ioctl resumed>) = 0 [pid 5113] close(3) = 0 [pid 5113] mkdir("./bus", 0777 [pid 5111] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5110] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5109] ioctl(4, LOOP_CLR_FD [pid 5111] ioctl(4, LOOP_CLR_FD [pid 5110] ioctl(4, LOOP_CLR_FD [pid 5113] <... mkdir resumed>) = 0 [pid 5108] <... ioctl resumed>) = 0 [ 61.573334][ T5111] REISERFS warning (device loop5): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 61.584647][ T5111] REISERFS warning (device loop5): sh-462 journal_init: unable to initialize journal device [ 61.585602][ T5112] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.596900][ T5111] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5108] close(4 [pid 5113] mount("/dev/loop0", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5108] <... close resumed>) = 0 [ 61.632841][ T5112] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 61.642389][ T5112] REISERFS (device loop3): using ordered data mode [ 61.651095][ T5112] REISERFS warning (device loop3): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5108] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5108] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5108] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [ 61.674488][ T5113] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5108] memfd_create("syzkaller", 0 [pid 5111] <... ioctl resumed>) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5108] <... memfd_create resumed>) = 4 [pid 5109] close(4 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5112] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5111] close(4 [pid 5109] <... close resumed>) = 0 [pid 5108] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5111] <... close resumed>) = 0 [pid 5109] read(-1, [pid 5108] <... write resumed>) = 131072 [pid 5111] read(-1, [pid 5109] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5108] munmap(0x7f753d06e000, 138412032 [pid 5112] ioctl(4, LOOP_CLR_FD [pid 5111] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5110] <... ioctl resumed>) = 0 [pid 5109] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5111] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5109] <... openat resumed>) = 3 [pid 5108] <... munmap resumed>) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 61.708137][ T5112] REISERFS warning (device loop3): sh-462 journal_init: unable to initialize journal device [ 61.720743][ T5112] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 61.733912][ T5113] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 61.746524][ T5113] REISERFS (device loop0): using ordered data mode [pid 5111] <... openat resumed>) = 3 [pid 5110] close(4 [pid 5109] read(3, [pid 5108] <... openat resumed>) = 5 [pid 5108] ioctl(5, LOOP_SET_FD, 4 [pid 5109] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5108] <... ioctl resumed>) = 0 [pid 5111] read(3, [pid 5110] <... close resumed>) = 0 [pid 5109] memfd_create("syzkaller", 0 [pid 5108] close(4) = 0 [pid 5108] mkdir("./file0", 0777 [pid 5110] read(-1, [pid 5109] <... memfd_create resumed>) = 4 [pid 5108] <... mkdir resumed>) = 0 [pid 5111] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5110] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5108] mount("/dev/loop4", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5109] <... mmap resumed>) = 0x7f753d06e000 [pid 5109] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5110] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5109] <... write resumed>) = 131072 [pid 5110] <... openat resumed>) = 3 [pid 5109] munmap(0x7f753d06e000, 138412032 [pid 5111] memfd_create("syzkaller", 0 [pid 5108] <... mount resumed>) = 0 [pid 5110] read(3, [pid 5109] <... munmap resumed>) = 0 [ 61.762070][ T5113] REISERFS warning (device loop0): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 61.774493][ T5108] loop4: detected capacity change from 0 to 256 [ 61.781565][ T5113] REISERFS warning (device loop0): sh-462 journal_init: unable to initialize journal device [pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5111] <... memfd_create resumed>) = 4 [pid 5112] <... ioctl resumed>) = 0 [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5110] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5109] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5108] <... openat resumed>) = 4 [pid 5112] close(4 [pid 5111] <... mmap resumed>) = 0x7f753d06e000 [pid 5110] memfd_create("syzkaller", 0 [pid 5109] <... openat resumed>) = 5 [pid 5108] chdir("./file0" [pid 5112] <... close resumed>) = 0 [pid 5111] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5110] <... memfd_create resumed>) = 4 [pid 5109] ioctl(5, LOOP_SET_FD, 4 [pid 5108] <... chdir resumed>) = 0 [pid 5112] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5111] <... write resumed>) = 131072 [pid 5108] ioctl(5, LOOP_CLR_FD) = 0 [pid 5112] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5111] munmap(0x7f753d06e000, 138412032 [pid 5109] <... ioctl resumed>) = 0 [pid 5108] close(5 [pid 5112] <... openat resumed>) = 3 [pid 5108] <... close resumed>) = 0 [pid 5113] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5112] read(3, [pid 5111] <... munmap resumed>) = 0 [pid 5110] <... mmap resumed>) = 0x7f753d06e000 [pid 5109] close(4 [pid 5108] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5112] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5108] <... openat resumed>) = 5 [pid 5109] <... close resumed>) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5113] ioctl(4, LOOP_CLR_FD [pid 5112] memfd_create("syzkaller", 0 [pid 5111] <... openat resumed>) = 5 [pid 5110] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5109] mkdir("./file0", 0777 [pid 5108] read(5, [pid 5112] <... memfd_create resumed>) = 4 [pid 5111] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 5109] <... mkdir resumed>) = 0 [pid 5108] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5109] mount("/dev/loop2", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5111] close(4 [pid 5108] read(5, [pid 5111] <... close resumed>) = 0 [pid 5108] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5112] <... mmap resumed>) = 0x7f753d06e000 [pid 5111] mkdir("./file0", 0777 [pid 5108] creat("./bus", 000 [pid 5112] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5108] <... creat resumed>) = 6 [pid 5111] <... mkdir resumed>) = 0 [pid 5108] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5111] mount("/dev/loop5", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5108] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 7 [pid 5108] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5112] <... write resumed>) = 131072 [pid 5111] <... mount resumed>) = 0 [pid 5110] <... write resumed>) = 131072 [pid 5109] <... mount resumed>) = 0 [pid 5108] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 5112] munmap(0x7f753d06e000, 138412032 [pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5110] munmap(0x7f753d06e000, 138412032 [pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5108] exit_group(0 [pid 5112] <... munmap resumed>) = 0 [pid 5111] <... openat resumed>) = 4 [pid 5110] <... munmap resumed>) = 0 [pid 5109] <... openat resumed>) = 4 [pid 5108] <... exit_group resumed>) = ? [pid 5112] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5111] chdir("./file0" [pid 5109] chdir("./file0" [pid 5112] <... openat resumed>) = 5 [pid 5111] <... chdir resumed>) = 0 [pid 5110] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5109] <... chdir resumed>) = 0 [pid 5108] +++ exited with 0 +++ [pid 5111] ioctl(5, LOOP_CLR_FD [pid 5109] ioctl(5, LOOP_CLR_FD [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5111] <... ioctl resumed>) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5111] close(5 [pid 5109] close(5 [pid 5111] <... close resumed>) = 0 [pid 5109] <... close resumed>) = 0 [ 61.825215][ T5113] REISERFS warning (device loop0): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 61.839997][ T5109] loop2: detected capacity change from 0 to 256 [ 61.856647][ T5111] loop5: detected capacity change from 0 to 256 [pid 5112] ioctl(5, LOOP_SET_FD, 4 [pid 5111] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5110] <... openat resumed>) = 5 [pid 5109] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5111] <... openat resumed>) = 5 [pid 5109] <... openat resumed>) = 5 [pid 5109] read(5, [pid 5064] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] read(5, [pid 5064] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5064] <... openat resumed>) = 3 [pid 5109] creat("./bus", 000 [pid 5064] newfstatat(3, "", [pid 5111] read(5, [pid 5109] <... creat resumed>) = 6 [pid 5112] <... ioctl resumed>) = 0 [pid 5111] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5110] ioctl(5, LOOP_SET_FD, 4 [pid 5109] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5111] read(5, [pid 5109] <... mount resumed>) = 0 [pid 5064] getdents64(3, [pid 5111] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5109] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5111] creat("./bus", 000 [pid 5109] <... open resumed>) = 7 [pid 5064] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... creat resumed>) = 6 [pid 5109] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] <... pwritev2 resumed>) = -1 ENOSPC (No space left on device) [pid 5064] newfstatat(AT_FDCWD, "./3/bus", [pid 5113] <... ioctl resumed>) = 0 [pid 5109] exit_group(0 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5111] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5109] <... exit_group resumed>) = ? [pid 5064] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5112] close(4 [pid 5111] <... mount resumed>) = 0 [pid 5110] <... ioctl resumed>) = 0 [pid 5109] +++ exited with 0 +++ [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] close(4 [pid 5112] <... close resumed>) = 0 [pid 5111] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5110] close(4 [pid 5064] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=16 /* 0.16 s */} --- [pid 5113] <... close resumed>) = 0 [pid 5112] mkdir("./file0", 0777 [pid 5111] <... open resumed>) = 7 [pid 5064] <... openat resumed>) = 4 [pid 5064] newfstatat(4, "", [pid 5110] <... close resumed>) = 0 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] read(-1, [pid 5112] <... mkdir resumed>) = 0 [pid 5110] mkdir("./file0", 0777 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5112] mount("/dev/loop3", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5111] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5064] getdents64(4, [pid 5062] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5113] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5112] <... mount resumed>) = 0 [pid 5111] <... pwritev2 resumed>) = -1 ENOSPC (No space left on device) [pid 5110] <... mkdir resumed>) = 0 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... openat resumed>) = 3 [pid 5112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5111] exit_group(0 [pid 5064] getdents64(4, [pid 5062] newfstatat(3, "", [pid 5111] <... exit_group resumed>) = ? [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5111] +++ exited with 0 +++ [pid 5064] close(4 [pid 5062] getdents64(3, [pid 5113] <... openat resumed>) = 3 [pid 5112] <... openat resumed>) = 4 [pid 5110] mount("/dev/loop1", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5064] <... close resumed>) = 0 [ 61.917207][ T5112] loop3: detected capacity change from 0 to 256 [ 61.933315][ T5110] loop1: detected capacity change from 0 to 256 [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5064] rmdir("./3/bus" [pid 5062] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 5064] <... rmdir resumed>) = 0 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... restart_syscall resumed>) = 0 [pid 5064] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] newfstatat(AT_FDCWD, "./3/bus", [pid 5113] read(3, [pid 5112] chdir("./file0" [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5113] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5112] <... chdir resumed>) = 0 [pid 5110] <... mount resumed>) = 0 [pid 5113] memfd_create("syzkaller", 0 [pid 5112] ioctl(5, LOOP_CLR_FD [pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5062] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] <... memfd_create resumed>) = 4 [pid 5112] <... ioctl resumed>) = 0 [pid 5110] <... openat resumed>) = 4 [pid 5065] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5112] close(5 [pid 5110] chdir("./file0" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5062] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5113] <... mmap resumed>) = 0x7f753d06e000 [pid 5112] <... close resumed>) = 0 [pid 5110] <... chdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... openat resumed>) = 4 [pid 5113] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5112] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5110] ioctl(5, LOOP_CLR_FD [pid 5065] <... openat resumed>) = 3 [pid 5064] unlink("./3/binderfs" [pid 5062] newfstatat(4, "", [pid 5113] <... write resumed>) = 131072 [pid 5112] <... openat resumed>) = 5 [pid 5110] <... ioctl resumed>) = 0 [pid 5065] newfstatat(3, "", [pid 5064] <... unlink resumed>) = 0 [pid 5113] munmap(0x7f753d06e000, 138412032 [pid 5112] read(5, [pid 5110] close(5 [pid 5112] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5110] <... close resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5112] read(5, [pid 5110] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5065] getdents64(3, [pid 5112] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5110] <... openat resumed>) = 5 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5113] <... munmap resumed>) = 0 [pid 5112] creat("./bus", 000 [pid 5110] read(5, [pid 5065] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] getdents64(4, [pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5112] <... creat resumed>) = 6 [pid 5110] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... umount2 resumed>) = 0 [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5113] <... openat resumed>) = 5 [pid 5112] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5110] read(5, [pid 5065] newfstatat(AT_FDCWD, "./3/bus", [pid 5064] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] getdents64(4, [pid 5110] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5110] creat("./bus", 000 [pid 5065] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] newfstatat(AT_FDCWD, "./3/file0", [pid 5062] close(4 [pid 5113] ioctl(5, LOOP_SET_FD, 4 [pid 5112] <... mount resumed>) = 0 [pid 5110] <... creat resumed>) = 6 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... close resumed>) = 0 [pid 5112] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5110] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5065] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] rmdir("./3/bus" [pid 5110] <... mount resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... rmdir resumed>) = 0 [pid 5110] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5065] newfstatat(4, "", [pid 5064] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5112] <... open resumed>) = 7 [pid 5110] <... open resumed>) = 7 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] <... openat resumed>) = 4 [pid 5062] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] <... ioctl resumed>) = 0 [pid 5112] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5110] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5065] getdents64(4, [pid 5064] newfstatat(4, "", [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] close(4 [pid 5112] <... pwritev2 resumed>) = 125952 [pid 5110] <... pwritev2 resumed>) = 125952 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5113] <... close resumed>) = 0 [pid 5112] exit_group(0 [pid 5110] exit_group(0 [pid 5065] getdents64(4, [pid 5064] getdents64(4, [pid 5113] mkdir("./file0", 0777 [pid 5112] <... exit_group resumed>) = ? [pid 5110] <... exit_group resumed>) = ? [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5113] <... mkdir resumed>) = 0 [pid 5112] +++ exited with 0 +++ [pid 5110] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5065] close(4 [pid 5064] getdents64(4, [pid 5062] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... close resumed>) = 0 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5065] rmdir("./3/bus" [pid 5064] close(4 [pid 5063] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... rmdir resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] unlink("./3/binderfs" [pid 5061] <... restart_syscall resumed>) = 0 [pid 5065] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] rmdir("./3/file0" [pid 5063] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... unlink resumed>) = 0 [pid 5113] mount("/dev/loop0", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... rmdir resumed>) = 0 [pid 5063] <... openat resumed>) = 3 [pid 5065] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5064] getdents64(3, [pid 5063] newfstatat(3, "", [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] unlink("./3/binderfs" [pid 5064] close(3 [pid 5063] getdents64(3, [pid 5062] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] <... mount resumed>) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5063] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5061] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] rmdir("./3" [pid 5063] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... openat resumed>) = 3 [pid 5113] <... openat resumed>) = 4 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... umount2 resumed>) = 0 [pid 5113] chdir("./file0" [pid 5063] newfstatat(AT_FDCWD, "./3/bus", [pid 5113] <... chdir resumed>) = 0 [pid 5064] <... rmdir resumed>) = 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] newfstatat(3, "", [pid 5064] mkdir("./4", 0777 [pid 5063] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] ioctl(5, LOOP_CLR_FD [pid 5064] <... mkdir resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5113] <... ioctl resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5063] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] getdents64(3, [pid 5113] close(5 [pid 5064] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5063] <... openat resumed>) = 4 [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [ 62.031573][ T5113] loop0: detected capacity change from 0 to 256 [pid 5113] <... close resumed>) = 0 [pid 5064] <... openat resumed>) = 3 [pid 5063] newfstatat(4, "", [pid 5062] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] <... openat resumed>) = 5 [pid 5065] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5063] getdents64(4, [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] newfstatat(AT_FDCWD, "./3/bus", [pid 5113] read(5, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] newfstatat(AT_FDCWD, "./3/file0", [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5113] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] newfstatat(AT_FDCWD, "./3/file0", [pid 5064] close(3 [pid 5063] getdents64(4, [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] read(5, [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... close resumed>) = 0 [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5062] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5065] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] close(4 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5113] creat("./bus", 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] <... close resumed>) = 0 [pid 5062] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... openat resumed>) = 4 [pid 5063] rmdir("./3/bus" [pid 5113] <... creat resumed>) = -1 ENOSPC (No space left on device) [pid 5065] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5063] <... rmdir resumed>) = 0 [pid 5062] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5120 attached [pid 5065] <... openat resumed>) = 4 [pid 5061] newfstatat(4, "", [pid 5120] set_robust_list(0x5555565f3660, 24 [pid 5113] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5065] newfstatat(4, "", [pid 5063] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] newfstatat(4, "", [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5120] <... set_robust_list resumed>) = 0 [pid 5113] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x5555565f3650) = 5120 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] getdents64(4, [pid 5120] chdir("./4" [pid 5065] getdents64(4, [pid 5063] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5062] getdents64(4, [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5120] <... chdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5113] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5063] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5113] <... open resumed>) = -1 ENOSPC (No space left on device) [pid 5065] getdents64(4, [pid 5063] unlink("./3/binderfs" [pid 5062] getdents64(4, [pid 5061] getdents64(4, [pid 5120] <... prctl resumed>) = 0 [pid 5113] pwritev2(-1, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5063] <... unlink resumed>) = 0 [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5120] setpgid(0, 0 [pid 5113] <... pwritev2 resumed>) = -1 EBADF (Bad file descriptor) [pid 5065] close(4 [pid 5062] close(4 [pid 5113] exit_group(0 [pid 5063] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] close(4 [pid 5120] <... setpgid resumed>) = 0 [pid 5113] <... exit_group resumed>) = ? [pid 5065] <... close resumed>) = 0 [pid 5062] <... close resumed>) = 0 [pid 5061] <... close resumed>) = 0 [pid 5061] rmdir("./3/bus" [pid 5062] rmdir("./3/file0" [pid 5061] <... rmdir resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5113] +++ exited with 0 +++ [pid 5065] rmdir("./3/file0" [pid 5062] <... rmdir resumed>) = 0 [pid 5120] <... openat resumed>) = 3 [pid 5065] <... rmdir resumed>) = 0 [pid 5061] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5120] write(3, "1000", 4 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5120] <... write resumed>) = 4 [pid 5065] getdents64(3, [pid 5062] getdents64(3, [pid 5061] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5060] restart_syscall(<... resuming interrupted clone ...> [pid 5120] close(3 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5063] <... umount2 resumed>) = 0 [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5061] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... restart_syscall resumed>) = 0 [pid 5120] <... close resumed>) = 0 [pid 5065] close(3 [pid 5062] close(3 [pid 5120] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... close resumed>) = 0 [pid 5062] <... close resumed>) = 0 [pid 5061] unlink("./3/binderfs" [pid 5120] <... symlink resumed>) = 0 [pid 5065] rmdir("./3" [pid 5060] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... unlink resumed>) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5062] rmdir("./3" [pid 5060] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5120] memfd_create("syzkaller", 0 [pid 5061] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... openat resumed>) = 3 [pid 5065] mkdir("./4", 0777 [pid 5063] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... rmdir resumed>) = 0 [pid 5060] newfstatat(3, "", [pid 5120] <... memfd_create resumed>) = 3 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] newfstatat(AT_FDCWD, "./3/file0", [pid 5062] mkdir("./4", 0777 [pid 5061] <... umount2 resumed>) = 0 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5120] <... mmap resumed>) = 0x7f753d06e000 [pid 5063] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] <... mkdir resumed>) = 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5061] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... mkdir resumed>) = 0 [pid 5063] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] <... openat resumed>) = 3 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] getdents64(3, [pid 5063] <... openat resumed>) = 4 [pid 5062] ioctl(3, LOOP_CLR_FD [pid 5061] newfstatat(AT_FDCWD, "./3/file0", [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5063] newfstatat(4, "", [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5063] getdents64(4, [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5061] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] newfstatat(AT_FDCWD, "./3/bus", [pid 5065] <... openat resumed>) = 3 [pid 5063] getdents64(4, [pid 5062] close(3) = 0 [pid 5061] <... openat resumed>) = 4 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5121 attached [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] newfstatat(4, "", [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5063] close(4 [pid 5121] set_robust_list(0x5555565f3660, 24 [pid 5065] close(3 [pid 5062] <... clone resumed>, child_tidptr=0x5555565f3650) = 5121 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... close resumed>) = 0 [pid 5063] <... close resumed>) = 0 [pid 5060] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] rmdir("./3/file0" [pid 5061] getdents64(4, [pid 5063] <... rmdir resumed>) = 0 [pid 5121] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5122 attached [pid 5121] chdir("./4" [pid 5063] getdents64(3, [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] <... openat resumed>) = 4 [pid 5122] set_robust_list(0x5555565f3660, 24 [pid 5061] getdents64(4, [pid 5060] newfstatat(4, "", [pid 5063] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5121] <... chdir resumed>) = 0 [pid 5063] close(3 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] <... close resumed>) = 0 [pid 5061] close(4 [pid 5122] <... set_robust_list resumed>) = 0 [pid 5060] getdents64(4, [pid 5061] <... close resumed>) = 0 [pid 5122] chdir("./4" [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... clone resumed>, child_tidptr=0x5555565f3650) = 5122 [pid 5063] rmdir("./3" [pid 5061] rmdir("./3/file0" [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5122] <... chdir resumed>) = 0 [pid 5121] <... prctl resumed>) = 0 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5121] setpgid(0, 0 [pid 5061] <... rmdir resumed>) = 0 [pid 5060] getdents64(4, [pid 5122] <... prctl resumed>) = 0 [pid 5121] <... setpgid resumed>) = 0 [pid 5063] <... rmdir resumed>) = 0 [pid 5061] getdents64(3, [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5122] setpgid(0, 0 [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5060] close(4 [pid 5122] <... setpgid resumed>) = 0 [pid 5121] <... openat resumed>) = 3 [pid 5063] mkdir("./4", 0777 [pid 5121] write(3, "1000", 4 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] <... close resumed>) = 0 [pid 5121] <... write resumed>) = 4 [pid 5121] close(3) = 0 [pid 5063] <... mkdir resumed>) = 0 [pid 5060] rmdir("./3/bus" [pid 5122] <... openat resumed>) = 3 [pid 5121] symlink("/dev/binderfs", "./binderfs" [pid 5122] write(3, "1000", 4 [pid 5121] <... symlink resumed>) = 0 [pid 5061] close(3 [pid 5060] <... rmdir resumed>) = 0 [pid 5122] <... write resumed>) = 4 [pid 5121] memfd_create("syzkaller", 0 [pid 5063] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5061] <... close resumed>) = 0 [pid 5060] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] close(3 [pid 5121] <... memfd_create resumed>) = 3 [pid 5061] rmdir("./3" [pid 5122] <... close resumed>) = 0 [pid 5063] <... openat resumed>) = 3 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5122] symlink("/dev/binderfs", "./binderfs" [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] ioctl(3, LOOP_CLR_FD [pid 5061] <... rmdir resumed>) = 0 [pid 5060] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5122] <... symlink resumed>) = 0 [pid 5121] <... mmap resumed>) = 0x7f753d06e000 [pid 5063] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5060] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5122] memfd_create("syzkaller", 0 [pid 5063] close(3 [pid 5061] mkdir("./4", 0777 [pid 5060] unlink("./3/binderfs" [pid 5063] <... close resumed>) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5061] <... mkdir resumed>) = 0 [pid 5060] <... unlink resumed>) = 0 [pid 5122] <... memfd_create resumed>) = 3 [pid 5060] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5123 attached [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5063] <... clone resumed>, child_tidptr=0x5555565f3650) = 5123 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5122] <... mmap resumed>) = 0x7f753d06e000 [pid 5123] set_robust_list(0x5555565f3660, 24) = 0 [pid 5123] chdir("./4") = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5123] setpgid(0, 0) = 0 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5123] write(3, "1000", 4 [pid 5061] <... openat resumed>) = 3 [pid 5123] <... write resumed>) = 4 [pid 5123] close(3 [pid 5061] ioctl(3, LOOP_CLR_FD [pid 5060] <... umount2 resumed>) = 0 [pid 5123] <... close resumed>) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5123] memfd_create("syzkaller", 0) = 3 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5061] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5060] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] close(3 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] newfstatat(AT_FDCWD, "./3/file0", [pid 5061] <... close resumed>) = 0 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... clone resumed>, child_tidptr=0x5555565f3650) = 5124 ./strace-static-x86_64: Process 5124 attached [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5124] set_robust_list(0x5555565f3660, 24) = 0 [pid 5060] <... openat resumed>) = 4 [pid 5124] chdir("./4") = 0 [pid 5060] newfstatat(4, "", [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] getdents64(4, [pid 5124] setpgid(0, 0) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5124] <... openat resumed>) = 3 [pid 5060] getdents64(4, [pid 5124] write(3, "1000", 4 [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5124] <... write resumed>) = 4 [pid 5060] close(4 [pid 5124] close(3 [pid 5060] <... close resumed>) = 0 [pid 5124] <... close resumed>) = 0 [pid 5060] rmdir("./3/file0" [pid 5124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5060] <... rmdir resumed>) = 0 [pid 5124] memfd_create("syzkaller", 0) = 3 [pid 5060] getdents64(3, [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5060] close(3 [pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5060] <... close resumed>) = 0 [pid 5060] rmdir("./3") = 0 [pid 5060] mkdir("./4", 0777) = 0 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5120] <... write resumed>) = 4194304 [pid 5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5060] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5120] munmap(0x7f753d06e000, 138412032 [pid 5060] close(3) = 0 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565f3650) = 5125 [pid 5120] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5125 attached [pid 5125] set_robust_list(0x5555565f3660, 24 [pid 5120] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5120] ioctl(4, LOOP_SET_FD, 3 [pid 5125] <... set_robust_list resumed>) = 0 [pid 5125] chdir("./4") = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5120] close(3 [pid 5125] <... prctl resumed>) = 0 [pid 5125] setpgid(0, 0 [pid 5120] <... close resumed>) = 0 [pid 5125] <... setpgid resumed>) = 0 [pid 5120] mkdir("./bus", 0777 [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5120] <... mkdir resumed>) = 0 [pid 5125] write(3, "1000", 4 [pid 5120] mount("/dev/loop4", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5125] <... write resumed>) = 4 [pid 5122] <... write resumed>) = 4194304 [pid 5125] close(3 [pid 5122] munmap(0x7f753d06e000, 138412032 [pid 5125] <... close resumed>) = 0 [pid 5122] <... munmap resumed>) = 0 [pid 5125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5122] ioctl(4, LOOP_SET_FD, 3 [ 62.409278][ T5120] loop4: detected capacity change from 0 to 8192 [pid 5125] memfd_create("syzkaller", 0 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5125] <... memfd_create resumed>) = 3 [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5122] <... ioctl resumed>) = 0 [pid 5122] close(3 [pid 5121] <... write resumed>) = 4194304 [pid 5122] <... close resumed>) = 0 [pid 5122] mkdir("./bus", 0777) = 0 [pid 5122] mount("/dev/loop5", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [ 62.455340][ T5122] loop5: detected capacity change from 0 to 8192 [ 62.463361][ T5120] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.490205][ T5120] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5121] munmap(0x7f753d06e000, 138412032 [pid 5123] <... write resumed>) = 4194304 [pid 5121] <... munmap resumed>) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 62.500161][ T5120] REISERFS (device loop4): using ordered data mode [ 62.509126][ T5122] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.509801][ T5120] REISERFS warning (device loop4): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 62.533448][ T5120] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 62.546341][ T5121] loop2: detected capacity change from 0 to 8192 [pid 5121] ioctl(4, LOOP_SET_FD, 3 [pid 5123] munmap(0x7f753d06e000, 138412032 [pid 5121] <... ioctl resumed>) = 0 [pid 5121] close(3) = 0 [pid 5121] mkdir("./bus", 0777) = 0 [pid 5121] mount("/dev/loop2", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5123] <... munmap resumed>) = 0 [pid 5123] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 62.555020][ T5122] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 62.564313][ T5122] REISERFS (device loop5): using ordered data mode [ 62.576972][ T5121] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.586629][ T5120] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5124] <... write resumed>) = 4194304 [pid 5124] munmap(0x7f753d06e000, 138412032) = 0 [pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5124] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5124] ioctl(4, LOOP_SET_FD, 3 [pid 5123] <... ioctl resumed>) = 0 [pid 5122] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5120] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5123] close(3 [pid 5122] ioctl(4, LOOP_CLR_FD [pid 5120] ioctl(4, LOOP_CLR_FD [pid 5123] <... close resumed>) = 0 [ 62.592276][ T5123] loop3: detected capacity change from 0 to 8192 [ 62.605114][ T5122] REISERFS warning (device loop5): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 62.618161][ T5122] REISERFS warning (device loop5): sh-462 journal_init: unable to initialize journal device [ 62.630046][ T5121] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 62.630538][ T5122] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 62.642615][ T5124] loop1: detected capacity change from 0 to 8192 [pid 5123] mkdir("./bus", 0777) = 0 [pid 5123] mount("/dev/loop3", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5124] <... ioctl resumed>) = 0 [pid 5124] close(3) = 0 [pid 5124] mkdir("./bus", 0777) = 0 [ 62.675003][ T5123] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.677260][ T5121] REISERFS (device loop2): using ordered data mode [ 62.694453][ T5123] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 62.703854][ T5123] REISERFS (device loop3): using ordered data mode [pid 5124] mount("/dev/loop1", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5125] <... write resumed>) = 4194304 [pid 5125] munmap(0x7f753d06e000, 138412032) = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 62.714576][ T5124] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.723824][ T5123] REISERFS warning (device loop3): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 62.730425][ T5124] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 62.749917][ T5124] REISERFS (device loop1): using ordered data mode [ 62.759757][ T5125] loop0: detected capacity change from 0 to 8192 [pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5125] close(3) = 0 [pid 5125] mkdir("./bus", 0777) = 0 [ 62.762629][ T5124] REISERFS warning (device loop1): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 62.778350][ T5124] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 62.794345][ T5124] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 62.796204][ T5121] REISERFS warning (device loop2): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5124] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5125] mount("/dev/loop0", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [ 62.810130][ T5123] REISERFS warning (device loop3): sh-462 journal_init: unable to initialize journal device [ 62.816991][ T5121] REISERFS warning (device loop2): sh-462 journal_init: unable to initialize journal device [ 62.840415][ T5121] REISERFS warning (device loop2): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 62.852265][ T5125] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.866092][ T5125] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5124] ioctl(4, LOOP_CLR_FD [pid 5121] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 62.877051][ T5125] REISERFS (device loop0): using ordered data mode [ 62.886582][ T5125] REISERFS warning (device loop0): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 62.898061][ T5125] REISERFS warning (device loop0): sh-462 journal_init: unable to initialize journal device [ 62.910511][ T5123] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5121] ioctl(4, LOOP_CLR_FD [pid 5122] <... ioctl resumed>) = 0 [pid 5125] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5120] <... ioctl resumed>) = 0 [pid 5125] ioctl(4, LOOP_CLR_FD [pid 5120] close(4 [pid 5123] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5122] close(4) = 0 [pid 5122] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5122] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5122] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5122] memfd_create("syzkaller", 0) = 4 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5122] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072 [pid 5123] ioctl(4, LOOP_CLR_FD [pid 5122] munmap(0x7f753d06e000, 138412032 [pid 5120] <... close resumed>) = 0 [pid 5122] <... munmap resumed>) = 0 [pid 5120] read(-1, [pid 5122] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5120] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [ 62.910621][ T5125] REISERFS warning (device loop0): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5122] <... openat resumed>) = 5 [pid 5120] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5122] ioctl(5, LOOP_SET_FD, 4 [pid 5120] <... openat resumed>) = 3 [pid 5120] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5120] memfd_create("syzkaller", 0 [pid 5122] <... ioctl resumed>) = 0 [pid 5120] <... memfd_create resumed>) = 4 [pid 5122] close(4 [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5122] <... close resumed>) = 0 [pid 5120] <... mmap resumed>) = 0x7f753d06e000 [pid 5122] mkdir("./file0", 0777 [pid 5124] <... ioctl resumed>) = 0 [pid 5122] <... mkdir resumed>) = 0 [pid 5120] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5124] close(4 [pid 5122] mount("/dev/loop5", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5124] <... close resumed>) = 0 [pid 5124] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5124] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5122] <... mount resumed>) = 0 [pid 5124] <... openat resumed>) = 3 [pid 5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5124] read(3, [pid 5122] <... openat resumed>) = 4 [pid 5124] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5122] chdir("./file0" [pid 5124] memfd_create("syzkaller", 0 [pid 5122] <... chdir resumed>) = 0 [pid 5124] <... memfd_create resumed>) = 4 [pid 5122] ioctl(5, LOOP_CLR_FD [pid 5120] <... write resumed>) = 131072 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5122] <... ioctl resumed>) = 0 [pid 5124] <... mmap resumed>) = 0x7f753d06e000 [pid 5122] close(5 [pid 5124] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5122] <... close resumed>) = 0 [pid 5120] munmap(0x7f753d06e000, 138412032 [pid 5122] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 5 [pid 5120] <... munmap resumed>) = 0 [ 62.969540][ T5122] loop5: detected capacity change from 0 to 256 [pid 5122] read(5, [pid 5120] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5124] <... write resumed>) = 131072 [pid 5122] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5120] <... openat resumed>) = 5 [pid 5122] read(5, [pid 5121] <... ioctl resumed>) = 0 [pid 5120] ioctl(5, LOOP_SET_FD, 4 [pid 5122] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5121] close(4 [pid 5124] munmap(0x7f753d06e000, 138412032 [pid 5122] creat("./bus", 000 [pid 5124] <... munmap resumed>) = 0 [pid 5122] <... creat resumed>) = 6 [pid 5121] <... close resumed>) = 0 [pid 5122] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5124] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5122] <... mount resumed>) = 0 [pid 5124] <... openat resumed>) = 5 [pid 5122] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 7 [pid 5124] ioctl(5, LOOP_SET_FD, 4 [pid 5122] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC) = -1 ENOSPC (No space left on device) [pid 5122] exit_group(0) = ? [pid 5121] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5121] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5121] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5122] +++ exited with 0 +++ [pid 5121] memfd_create("syzkaller", 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5121] <... memfd_create resumed>) = 4 [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] <... ioctl resumed>) = 0 [pid 5121] <... mmap resumed>) = 0x7f753d06e000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5120] close(4 [pid 5124] close(4 [pid 5065] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", [pid 5124] <... close resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5124] mkdir("./file0", 0777) = 0 [pid 5121] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5120] <... close resumed>) = 0 [pid 5065] getdents64(3, [pid 5124] mount("/dev/loop1", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5120] mkdir("./file0", 0777 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5121] <... write resumed>) = 131072 [pid 5065] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5121] munmap(0x7f753d06e000, 138412032 [pid 5120] <... mkdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] <... mount resumed>) = 0 [pid 5124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 4 [pid 5124] chdir("./file0" [pid 5120] mount("/dev/loop4", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5065] newfstatat(AT_FDCWD, "./4/bus", [pid 5124] <... chdir resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5124] ioctl(5, LOOP_CLR_FD) = 0 [pid 5124] close(5) = 0 [pid 5124] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 5 [pid 5121] <... munmap resumed>) = 0 [pid 5124] read(5, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5124] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5124] creat("./bus", 000) = 6 [pid 5121] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5120] <... mount resumed>) = 0 [pid 5124] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5121] <... openat resumed>) = 5 [pid 5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5065] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] <... mount resumed>) = 0 [pid 5121] ioctl(5, LOOP_SET_FD, 4 [pid 5120] <... openat resumed>) = 4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [ 63.039577][ T5120] loop4: detected capacity change from 0 to 256 [ 63.043755][ T5124] loop1: detected capacity change from 0 to 256 [pid 5120] chdir("./file0" [pid 5124] <... open resumed>) = 7 [pid 5120] <... chdir resumed>) = 0 [pid 5124] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC) = -1 ENOSPC (No space left on device) [pid 5124] exit_group(0) = ? [pid 5120] ioctl(5, LOOP_CLR_FD [pid 5124] +++ exited with 0 +++ [pid 5123] <... ioctl resumed>) = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5120] close(5 [pid 5061] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5120] <... close resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5061] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5120] <... openat resumed>) = 5 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5120] read(5, [pid 5065] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... openat resumed>) = 3 [pid 5061] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] getdents64(3, [pid 5120] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] <... openat resumed>) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5123] close(4 [pid 5065] getdents64(4, [pid 5125] <... ioctl resumed>) = 0 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5125] close(4 [pid 5123] <... close resumed>) = 0 [pid 5121] <... ioctl resumed>) = 0 [pid 5120] read(5, [pid 5065] close(4 [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5125] <... close resumed>) = 0 [pid 5123] read(-1, [pid 5121] close(4 [pid 5120] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5065] <... close resumed>) = 0 [pid 5125] read(-1, [pid 5123] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5121] <... close resumed>) = 0 [pid 5120] creat("./bus", 000 [pid 5065] rmdir("./4/bus" [pid 5061] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5123] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5121] mkdir("./file0", 0777 [pid 5065] <... rmdir resumed>) = 0 [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5123] <... openat resumed>) = 3 [pid 5120] <... creat resumed>) = 6 [pid 5065] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] <... openat resumed>) = 3 [pid 5123] read(3, [pid 5121] <... mkdir resumed>) = 0 [pid 5120] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5123] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5120] <... mount resumed>) = 0 [pid 5065] unlink("./4/binderfs" [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] memfd_create("syzkaller", 0 [pid 5061] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5123] <... memfd_create resumed>) = 4 [pid 5120] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5065] <... unlink resumed>) = 0 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5121] mount("/dev/loop2", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5120] <... open resumed>) = 7 [pid 5065] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... openat resumed>) = 4 [pid 5123] <... mmap resumed>) = 0x7f753d06e000 [pid 5061] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5123] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5061] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5120] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC) = -1 ENOSPC (No space left on device) [pid 5061] getdents64(4, [pid 5120] exit_group(0 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5120] <... exit_group resumed>) = ? [pid 5061] close(4) = 0 [pid 5123] <... write resumed>) = 131072 [pid 5061] rmdir("./4/bus" [pid 5121] <... mount resumed>) = 0 [pid 5061] <... rmdir resumed>) = 0 [pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5125] read(3, [pid 5121] <... openat resumed>) = 4 [pid 5125] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5123] munmap(0x7f753d06e000, 138412032 [pid 5121] chdir("./file0" [pid 5120] +++ exited with 0 +++ [pid 5065] <... umount2 resumed>) = 0 [pid 5061] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5121] <... chdir resumed>) = 0 [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5125] memfd_create("syzkaller", 0 [pid 5123] <... munmap resumed>) = 0 [pid 5121] ioctl(5, LOOP_CLR_FD [pid 5065] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] <... memfd_create resumed>) = 4 [pid 5123] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5121] <... ioctl resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5123] <... openat resumed>) = 5 [pid 5121] close(5 [pid 5065] newfstatat(AT_FDCWD, "./4/file0", [pid 5064] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5125] <... mmap resumed>) = 0x7f753d06e000 [pid 5123] ioctl(5, LOOP_SET_FD, 4 [pid 5121] <... close resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 63.099392][ T5121] loop2: detected capacity change from 0 to 256 [pid 5121] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5065] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] <... openat resumed>) = 3 [pid 5125] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5065] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] newfstatat(3, "", [pid 5061] unlink("./4/binderfs" [pid 5065] <... openat resumed>) = 4 [pid 5065] newfstatat(4, "", [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... unlink resumed>) = 0 [pid 5125] <... write resumed>) = 131072 [pid 5121] <... openat resumed>) = 5 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] getdents64(3, [pid 5121] read(5, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5065] getdents64(4, [pid 5064] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5061] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5121] read(5, [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5121] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5065] getdents64(4, [pid 5064] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] munmap(0x7f753d06e000, 138412032 [pid 5121] creat("./bus", 000 [pid 5065] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] <... munmap resumed>) = 0 [pid 5065] close(4 [pid 5064] newfstatat(AT_FDCWD, "./4/bus", [pid 5121] <... creat resumed>) = 6 [pid 5065] <... close resumed>) = 0 [pid 5061] <... umount2 resumed>) = 0 [pid 5121] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5065] rmdir("./4/file0" [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5121] <... mount resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5061] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] <... openat resumed>) = 5 [pid 5123] <... ioctl resumed>) = 0 [pid 5121] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5064] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] ioctl(5, LOOP_SET_FD, 4 [pid 5123] close(4 [pid 5121] <... open resumed>) = 7 [pid 5065] getdents64(3, [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5064] newfstatat(4, "", [pid 5121] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5065] close(3 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] newfstatat(AT_FDCWD, "./4/file0", [pid 5123] <... close resumed>) = 0 [pid 5123] mkdir("./file0", 0777 [pid 5065] <... close resumed>) = 0 [pid 5064] getdents64(4, [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] rmdir("./4" [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5065] <... rmdir resumed>) = 0 [pid 5064] getdents64(4, [pid 5065] mkdir("./5", 0777 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5064] close(4) = 0 [pid 5064] rmdir("./4/bus") = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5064] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] <... ioctl resumed>) = 0 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5125] close(4 [pid 5065] close(3 [pid 5064] unlink("./4/binderfs" [pid 5125] <... close resumed>) = 0 [pid 5123] <... mkdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5064] <... unlink resumed>) = 0 [pid 5061] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] mkdir("./file0", 0777 [pid 5123] mount("/dev/loop3", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [ 63.153851][ T5123] loop3: detected capacity change from 0 to 256 [ 63.175970][ T5125] loop0: detected capacity change from 0 to 256 [ 63.187581][ T5121] I/O error, dev loop0, sector 10 op 0x1:(WRITE) flags 0x8800 phys_seg 31 prio class 2 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] <... mkdir resumed>) = 0 [pid 5064] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5132 attached [pid 5132] set_robust_list(0x5555565f3660, 24) = 0 [pid 5125] mount("/dev/loop0", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5132] chdir("./5") = 0 [pid 5065] <... clone resumed>, child_tidptr=0x5555565f3650) = 5132 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0 [pid 5061] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5132] <... setpgid resumed>) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... openat resumed>) = 4 [pid 5123] <... mount resumed>) = 0 [pid 5061] newfstatat(4, "", [pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5132] <... openat resumed>) = 3 [pid 5125] <... mount resumed>) = 0 [pid 5123] <... openat resumed>) = 4 [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5123] chdir("./file0" [pid 5061] getdents64(4, [pid 5132] write(3, "1000", 4 [pid 5125] <... openat resumed>) = 4 [pid 5132] <... write resumed>) = 4 [pid 5125] chdir("./file0" [pid 5123] <... chdir resumed>) = 0 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5132] close(3 [pid 5125] <... chdir resumed>) = 0 [pid 5123] ioctl(5, LOOP_CLR_FD [pid 5061] getdents64(4, [pid 5132] <... close resumed>) = 0 [pid 5125] ioctl(5, LOOP_CLR_FD [pid 5123] <... ioctl resumed>) = 0 [pid 5061] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs" [pid 5125] <... ioctl resumed>) = 0 [pid 5123] close(5 [pid 5061] close(4 [pid 5132] <... symlink resumed>) = 0 [pid 5125] close(5 [pid 5123] <... close resumed>) = 0 [pid 5125] <... close resumed>) = 0 [pid 5123] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5121] <... pwritev2 resumed>) = -1 EIO (Input/output error) [pid 5061] <... close resumed>) = 0 [pid 5132] memfd_create("syzkaller", 0 [pid 5125] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5061] rmdir("./4/file0" [pid 5123] <... openat resumed>) = 5 [pid 5132] <... memfd_create resumed>) = 3 [pid 5125] <... openat resumed>) = 5 [pid 5121] exit_group(0 [pid 5064] <... umount2 resumed>) = 0 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5125] read(5, [pid 5064] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5132] <... mmap resumed>) = 0x7f753d06e000 [pid 5125] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5123] read(5, [pid 5121] <... exit_group resumed>) = ? [pid 5064] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] <... rmdir resumed>) = 0 [pid 5123] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5121] +++ exited with 0 +++ [pid 5061] getdents64(3, [pid 5123] read(5, [pid 5125] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5062] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5123] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5062] restart_syscall(<... resuming interrupted clone ...> [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5123] creat("./bus", 000 [pid 5062] <... restart_syscall resumed>) = 0 [pid 5061] close(3 [pid 5125] creat("./bus", 000 [pid 5061] <... close resumed>) = 0 [pid 5125] <... creat resumed>) = 6 [pid 5123] <... creat resumed>) = 6 [pid 5061] rmdir("./4" [pid 5123] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5125] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5064] newfstatat(AT_FDCWD, "./4/file0", [pid 5062] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... rmdir resumed>) = 0 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5125] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5064] <... openat resumed>) = 4 [pid 5125] <... open resumed>) = 7 [pid 5123] <... mount resumed>) = 0 [pid 5064] newfstatat(4, "", [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] mkdir("./5", 0777 [pid 5125] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5123] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5064] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] getdents64(4, [pid 5061] <... mkdir resumed>) = 0 [pid 5123] <... open resumed>) = 7 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... openat resumed>) = 3 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5123] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5064] getdents64(4, [pid 5062] newfstatat(3, "", [pid 5061] <... openat resumed>) = 3 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5061] ioctl(3, LOOP_CLR_FD [pid 5064] close(4 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5061] close(3 [pid 5062] getdents64(3, [pid 5064] <... close resumed>) = 0 [pid 5064] rmdir("./4/file0" [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5061] <... close resumed>) = 0 [ 63.205874][ T5121] I/O error, dev loop0, sector 10 op 0x1:(WRITE) flags 0x8800 phys_seg 31 prio class 2 [pid 5064] <... rmdir resumed>) = 0 [pid 5062] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] getdents64(3, 0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [pid 5064] rmdir("./4"./strace-static-x86_64: Process 5133 attached [pid 5123] <... pwritev2 resumed>) = 125952 [pid 5064] <... rmdir resumed>) = 0 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5064] mkdir("./5", 0777 [pid 5062] newfstatat(AT_FDCWD, "./4/bus", [pid 5061] <... clone resumed>, child_tidptr=0x5555565f3650) = 5133 [pid 5133] set_robust_list(0x5555565f3660, 24 [pid 5123] exit_group(0 [pid 5064] <... mkdir resumed>) = 0 [pid 5133] <... set_robust_list resumed>) = 0 [pid 5123] <... exit_group resumed>) = ? [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5062] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5125] <... pwritev2 resumed>) = 125952 [pid 5064] close(3 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5133] chdir("./5" [pid 5125] exit_group(0 [pid 5123] +++ exited with 0 +++ [pid 5064] <... close resumed>) = 0 [pid 5062] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5133] <... chdir resumed>) = 0 [pid 5125] <... exit_group resumed>) = ? [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5125] +++ exited with 0 +++ [pid 5062] <... openat resumed>) = 4 [pid 5133] <... prctl resumed>) = 0 [pid 5062] newfstatat(4, "", ./strace-static-x86_64: Process 5134 attached [pid 5133] setpgid(0, 0 [pid 5064] <... clone resumed>, child_tidptr=0x5555565f3650) = 5134 [pid 5134] set_robust_list(0x5555565f3660, 24 [pid 5133] <... setpgid resumed>) = 0 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5134] <... set_robust_list resumed>) = 0 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5134] chdir("./5" [pid 5062] getdents64(4, [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5134] <... chdir resumed>) = 0 [pid 5133] <... openat resumed>) = 3 [pid 5063] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5133] write(3, "1000", 4 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5134] <... prctl resumed>) = 0 [pid 5133] <... write resumed>) = 4 [pid 5063] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] getdents64(4, [pid 5060] <... openat resumed>) = 3 [pid 5134] setpgid(0, 0 [pid 5133] close(3 [pid 5063] <... openat resumed>) = 3 [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] newfstatat(3, "", [pid 5134] <... setpgid resumed>) = 0 [pid 5133] <... close resumed>) = 0 [pid 5063] newfstatat(3, "", [pid 5062] close(4 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5133] symlink("/dev/binderfs", "./binderfs" [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] <... close resumed>) = 0 [pid 5060] getdents64(3, [pid 5134] <... openat resumed>) = 3 [pid 5063] getdents64(3, [pid 5134] write(3, "1000", 4 [pid 5133] <... symlink resumed>) = 0 [pid 5063] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5134] <... write resumed>) = 4 [pid 5063] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5134] close(3 [pid 5133] memfd_create("syzkaller", 0 [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5134] <... close resumed>) = 0 [pid 5133] <... memfd_create resumed>) = 3 [pid 5063] newfstatat(AT_FDCWD, "./4/bus", [pid 5062] rmdir("./4/bus" [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5134] symlink("/dev/binderfs", "./binderfs" [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] newfstatat(AT_FDCWD, "./4/bus", [pid 5063] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5134] <... symlink resumed>) = 0 [pid 5133] <... mmap resumed>) = 0x7f753d06e000 [pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5063] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] <... openat resumed>) = 4 [pid 5060] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] getdents64(4, [pid 5060] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5134] memfd_create("syzkaller", 0 [pid 5063] getdents64(4, [pid 5062] <... rmdir resumed>) = 0 [pid 5060] <... openat resumed>) = 4 [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5134] <... memfd_create resumed>) = 3 [pid 5063] close(4 [pid 5060] newfstatat(4, "", [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5062] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5134] <... mmap resumed>) = 0x7f753d06e000 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] <... close resumed>) = 0 [pid 5063] rmdir("./4/bus") = 0 [pid 5063] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./4/binderfs") = 0 [pid 5063] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5060] getdents64(4, [pid 5062] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5062] unlink("./4/binderfs" [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5062] <... unlink resumed>) = 0 [pid 5060] getdents64(4, [pid 5062] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] close(4) = 0 [pid 5060] rmdir("./4/bus") = 0 [pid 5060] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5060] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] unlink("./4/binderfs") = 0 [pid 5060] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5062] <... umount2 resumed>) = 0 [pid 5060] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] <... umount2 resumed>) = 0 [pid 5060] newfstatat(AT_FDCWD, "./4/file0", [pid 5063] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] newfstatat(AT_FDCWD, "./4/file0", [pid 5060] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5063] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5063] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... openat resumed>) = 4 [pid 5063] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] newfstatat(4, "", [pid 5063] <... openat resumed>) = 4 [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5062] newfstatat(AT_FDCWD, "./4/file0", [pid 5060] getdents64(4, [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5063] newfstatat(4, "", [pid 5060] getdents64(4, [pid 5063] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5063] getdents64(4, [pid 5060] close(4 [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5060] <... close resumed>) = 0 [pid 5062] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] rmdir("./4/file0" [pid 5063] getdents64(4, [pid 5062] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... rmdir resumed>) = 0 [pid 5062] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] getdents64(3, [pid 5063] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5060] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5063] close(4 [pid 5062] <... openat resumed>) = 4 [pid 5060] close(3 [pid 5063] <... close resumed>) = 0 [pid 5060] <... close resumed>) = 0 [pid 5063] rmdir("./4/file0" [pid 5060] rmdir("./4" [pid 5063] <... rmdir resumed>) = 0 [pid 5063] getdents64(3, 0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5062] newfstatat(4, "", [pid 5060] <... rmdir resumed>) = 0 [pid 5063] close(3 [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5060] mkdir("./5", 0777 [pid 5063] <... close resumed>) = 0 [pid 5063] rmdir("./4") = 0 [pid 5062] getdents64(4, [pid 5060] <... mkdir resumed>) = 0 [pid 5063] mkdir("./5", 0777 [pid 5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5063] <... mkdir resumed>) = 0 [pid 5062] getdents64(4, [pid 5060] <... openat resumed>) = 3 [pid 5062] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5062] close(4 [pid 5060] ioctl(3, LOOP_CLR_FD [pid 5063] <... openat resumed>) = 3 [pid 5062] <... close resumed>) = 0 [pid 5060] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5062] rmdir("./4/file0" [pid 5060] close(3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5062] <... rmdir resumed>) = 0 [pid 5063] close(3 [pid 5062] getdents64(3, [pid 5060] <... close resumed>) = 0 [pid 5063] <... close resumed>) = 0 [pid 5062] <... getdents64 resumed>0x5555565f46f0 /* 0 entries */, 32768) = 0 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] close(3./strace-static-x86_64: Process 5135 attached ) = 0 [pid 5060] <... clone resumed>, child_tidptr=0x5555565f3650) = 5135 [pid 5135] set_robust_list(0x5555565f3660, 24 [pid 5062] rmdir("./4" [pid 5135] <... set_robust_list resumed>) = 0 [pid 5062] <... rmdir resumed>) = 0 [pid 5135] chdir("./5" [pid 5062] mkdir("./5", 0777 [pid 5135] <... chdir resumed>) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555565f3650) = 5136 ./strace-static-x86_64: Process 5136 attached [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5062] <... mkdir resumed>) = 0 [pid 5135] <... prctl resumed>) = 0 [pid 5135] setpgid(0, 0) = 0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5062] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5136] set_robust_list(0x5555565f3660, 24 [pid 5062] <... openat resumed>) = 3 [pid 5135] <... openat resumed>) = 3 [pid 5136] <... set_robust_list resumed>) = 0 [pid 5062] ioctl(3, LOOP_CLR_FD [pid 5136] chdir("./5" [pid 5135] write(3, "1000", 4 [pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5136] <... chdir resumed>) = 0 [pid 5135] <... write resumed>) = 4 [pid 5062] close(3 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5135] close(3 [pid 5062] <... close resumed>) = 0 [pid 5135] <... close resumed>) = 0 [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5135] symlink("/dev/binderfs", "./binderfs" [pid 5136] <... prctl resumed>) = 0 [pid 5136] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5137 attached [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5135] <... symlink resumed>) = 0 [pid 5135] memfd_create("syzkaller", 0 [pid 5062] <... clone resumed>, child_tidptr=0x5555565f3650) = 5137 [pid 5137] set_robust_list(0x5555565f3660, 24) = 0 [pid 5136] <... openat resumed>) = 3 [pid 5135] <... memfd_create resumed>) = 3 [pid 5137] chdir("./5" [pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5137] <... chdir resumed>) = 0 [pid 5135] <... mmap resumed>) = 0x7f753d06e000 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5136] memfd_create("syzkaller", 0) = 3 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5137] setpgid(0, 0 [pid 5132] <... write resumed>) = 4194304 [pid 5132] munmap(0x7f753d06e000, 138412032 [pid 5137] <... setpgid resumed>) = 0 [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5137] write(3, "1000", 4 [pid 5132] <... munmap resumed>) = 0 [pid 5137] <... write resumed>) = 4 [pid 5132] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5132] ioctl(4, LOOP_SET_FD, 3 [pid 5137] close(3) = 0 [pid 5137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] <... ioctl resumed>) = 0 [pid 5137] memfd_create("syzkaller", 0) = 3 [pid 5132] close(3) = 0 [pid 5132] mkdir("./bus", 0777 [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5132] <... mkdir resumed>) = 0 [pid 5132] mount("/dev/loop5", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5134] <... write resumed>) = 4194304 [ 63.495031][ T5132] loop5: detected capacity change from 0 to 8192 [pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5134] munmap(0x7f753d06e000, 138412032) = 0 [ 63.546466][ T5132] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5134] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5134] ioctl(4, LOOP_SET_FD, 3 [pid 5133] <... write resumed>) = 4194304 [pid 5133] munmap(0x7f753d06e000, 138412032) = 0 [pid 5134] <... ioctl resumed>) = 0 [pid 5134] close(3) = 0 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5134] mkdir("./bus", 0777 [ 63.589864][ T5134] loop4: detected capacity change from 0 to 8192 [ 63.612844][ T5132] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 63.632192][ T5132] REISERFS (device loop5): using ordered data mode [pid 5133] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5134] <... mkdir resumed>) = 0 [pid 5133] <... openat resumed>) = 4 [pid 5134] mount("/dev/loop4", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [ 63.644351][ T5133] loop1: detected capacity change from 0 to 8192 [ 63.654353][ T5132] REISERFS warning (device loop5): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5133] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5133] close(3) = 0 [ 63.690024][ T5134] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.719549][ T5134] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 63.730020][ T5134] REISERFS (device loop4): using ordered data mode [pid 5137] <... write resumed>) = 4194304 [pid 5133] mkdir("./bus", 0777 [pid 5137] munmap(0x7f753d06e000, 138412032) = 0 [pid 5137] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5137] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5135] <... write resumed>) = 4194304 [pid 5133] <... mkdir resumed>) = 0 [pid 5133] mount("/dev/loop1", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5135] munmap(0x7f753d06e000, 138412032 [pid 5137] close(3 [pid 5135] <... munmap resumed>) = 0 [pid 5135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5137] <... close resumed>) = 0 [ 63.756815][ T5137] loop2: detected capacity change from 0 to 8192 [ 63.770589][ T5132] REISERFS warning (device loop5): sh-462 journal_init: unable to initialize journal device [ 63.774725][ T5134] REISERFS warning (device loop4): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 63.792343][ T5134] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [pid 5137] mkdir("./bus", 0777) = 0 [pid 5135] ioctl(4, LOOP_SET_FD, 3 [ 63.808721][ T5133] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.823033][ T5134] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 63.836960][ T5132] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5137] mount("/dev/loop2", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5136] <... write resumed>) = 4194304 [pid 5134] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5136] munmap(0x7f753d06e000, 138412032 [pid 5134] ioctl(4, LOOP_CLR_FD [pid 5132] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5132] ioctl(4, LOOP_CLR_FD [pid 5134] <... ioctl resumed>) = 0 [pid 5132] <... ioctl resumed>) = 0 [pid 5132] close(4 [pid 5136] <... munmap resumed>) = 0 [pid 5134] close(4 [pid 5132] <... close resumed>) = 0 [ 63.860364][ T5135] loop0: detected capacity change from 0 to 8192 [ 63.860870][ T5133] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 63.876356][ T5133] REISERFS (device loop1): using ordered data mode [ 63.886349][ T5137] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.887000][ T5133] REISERFS warning (device loop1): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [pid 5136] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5134] <... close resumed>) = 0 [pid 5132] read(-1, [pid 5134] read(-1, [pid 5132] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5136] <... openat resumed>) = 4 [pid 5134] <... read resumed>NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5132] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5132] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5132] memfd_create("syzkaller", 0) = 4 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5132] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072 [pid 5132] munmap(0x7f753d06e000, 138412032 [pid 5134] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5136] ioctl(4, LOOP_SET_FD, 3 [pid 5134] <... openat resumed>) = 3 [pid 5132] <... munmap resumed>) = 0 [pid 5132] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5134] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5135] <... ioctl resumed>) = 0 [ 63.910911][ T5133] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 63.923272][ T5133] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 63.945961][ T5136] loop3: detected capacity change from 0 to 8192 [pid 5133] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5136] <... ioctl resumed>) = 0 [pid 5135] close(3 [pid 5134] memfd_create("syzkaller", 0 [pid 5133] ioctl(4, LOOP_CLR_FD) = 0 [pid 5133] close(4) = 0 [pid 5133] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5133] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5136] close(3 [pid 5135] <... close resumed>) = 0 [pid 5134] <... memfd_create resumed>) = 4 [pid 5132] <... openat resumed>) = 5 [pid 5136] <... close resumed>) = 0 [pid 5135] mkdir("./bus", 0777 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5132] ioctl(5, LOOP_SET_FD, 4 [pid 5136] mkdir("./bus", 0777 [pid 5135] <... mkdir resumed>) = 0 [pid 5134] <... mmap resumed>) = 0x7f753d06e000 [pid 5133] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5136] <... mkdir resumed>) = 0 [pid 5133] memfd_create("syzkaller", 0 [pid 5136] mount("/dev/loop3", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5135] mount("/dev/loop0", "./bus", "reiserfs", MS_RDONLY|MS_NOSUID|MS_NODEV, "barrier=none,jqfmt=vfsold,data=ordered,jdev=./bus,smackfshat=re" [pid 5134] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5133] <... memfd_create resumed>) = 4 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5134] <... write resumed>) = 131072 [pid 5133] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072 [pid 5134] munmap(0x7f753d06e000, 138412032 [pid 5133] <... write resumed>) = 131072 [ 63.961211][ T5137] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 63.981148][ T5132] loop5: detected capacity change from 0 to 256 [pid 5133] munmap(0x7f753d06e000, 138412032) = 0 [pid 5134] <... munmap resumed>) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5134] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5133] <... openat resumed>) = 5 [pid 5133] ioctl(5, LOOP_SET_FD, 4 [pid 5132] <... ioctl resumed>) = 0 [pid 5134] <... openat resumed>) = 5 [pid 5132] close(4) = 0 [pid 5132] mkdir("./file0", 0777) = 0 [pid 5134] ioctl(5, LOOP_SET_FD, 4 [ 64.004728][ T5135] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 64.006028][ T5133] loop1: detected capacity change from 0 to 256 [ 64.039275][ T5134] loop4: detected capacity change from 0 to 256 [ 64.046051][ T5136] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 64.059681][ T5136] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 64.059781][ T5137] REISERFS (device loop2): using ordered data mode [ 64.069267][ T5136] REISERFS (device loop3): using ordered data mode [ 64.083998][ T5136] REISERFS warning (device loop3): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 64.095348][ T5136] REISERFS warning (device loop3): sh-462 journal_init: unable to initialize journal device [pid 5132] mount("/dev/loop5", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5134] <... ioctl resumed>) = 0 [pid 5133] <... ioctl resumed>) = 0 [pid 5134] close(4 [pid 5133] close(4 [pid 5134] <... close resumed>) = 0 [pid 5133] <... close resumed>) = 0 [pid 5134] mkdir("./file0", 0777 [pid 5133] mkdir("./file0", 0777 [pid 5134] <... mkdir resumed>) = 0 [pid 5133] <... mkdir resumed>) = 0 [pid 5134] mount("/dev/loop4", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5133] mount("/dev/loop1", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"... [pid 5136] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5134] <... mount resumed>) = 0 [pid 5133] <... mount resumed>) = 0 [pid 5132] <... mount resumed>) = 0 [pid 5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5136] ioctl(4, LOOP_CLR_FD [pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5134] <... openat resumed>) = 4 [pid 5134] chdir("./file0" [pid 5133] <... openat resumed>) = 4 [pid 5132] <... openat resumed>) = 4 [pid 5134] <... chdir resumed>) = 0 [pid 5134] ioctl(5, LOOP_CLR_FD [pid 5133] chdir("./file0" [pid 5132] chdir("./file0" [pid 5134] <... ioctl resumed>) = 0 [pid 5133] <... chdir resumed>) = 0 [pid 5132] <... chdir resumed>) = 0 [pid 5134] close(5 [pid 5133] ioctl(5, LOOP_CLR_FD [pid 5132] ioctl(5, LOOP_CLR_FD [pid 5133] <... ioctl resumed>) = 0 [pid 5132] <... ioctl resumed>) = 0 [pid 5133] close(5 [ 64.107880][ T5136] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 64.133023][ T5135] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5132] close(5 [pid 5134] <... close resumed>) = 0 [pid 5133] <... close resumed>) = 0 [pid 5132] <... close resumed>) = 0 [pid 5132] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5133] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 5 [pid 5133] read(5, [pid 5132] <... openat resumed>) = 5 [pid 5133] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5134] openat(AT_FDCWD, "/proc/crypto", O_RDONLY [pid 5133] read(5, [pid 5132] read(5, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5133] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5133] creat("./bus", 000 [pid 5134] <... openat resumed>) = 5 [pid 5133] <... creat resumed>) = 6 [pid 5132] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5133] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5133] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5134] read(5, [pid 5133] <... open resumed>) = 7 [pid 5132] creat("./bus", 000) = 6 [pid 5134] <... read resumed>"name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5132] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5134] read(5, [pid 5133] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5132] <... mount resumed>) = 0 [pid 5134] <... read resumed>"name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5134] creat("./bus", 000 [pid 5132] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 7 [pid 5134] <... creat resumed>) = 6 [ 64.156517][ T5137] REISERFS warning (device loop2): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 64.175464][ T5135] REISERFS (device loop0): using ordered data mode [pid 5132] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5134] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5134] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 7 [ 64.216257][ T5135] REISERFS warning (device loop0): sh-457 journal_init_dev: journal_init_dev: Cannot open './bus': -15 [ 64.257930][ T5137] REISERFS warning (device loop2): sh-462 journal_init: unable to initialize journal device [ 64.305147][ T5135] REISERFS warning (device loop0): sh-462 journal_init: unable to initialize journal device [ 64.319022][ T5137] REISERFS warning (device loop2): sh-2022 reiserfs_fill_super: unable to initialize journal space [pid 5134] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5136] <... ioctl resumed>) = 0 [pid 5136] close(4) = 0 [pid 5136] read(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5136] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 [pid 5136] read(3, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5136] memfd_create("syzkaller", 0) = 4 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f753d06e000 [pid 5136] write(4, "\x60\x1c\x6d\x6b\x64\x20\x00\x66\x81\x7c\xe1\x00\x08\x08\x01\x00\x02\x40\x00\x40\x00\xf8\x01\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 131072) = 131072 [pid 5136] munmap(0x7f753d06e000, 138412032) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [ 64.347857][ T5135] ================================================================== [ 64.355955][ T5135] BUG: KASAN: vmalloc-out-of-bounds in cleanup_bitmap_list+0x175/0x500 [ 64.364252][ T5135] Read of size 8 at addr ffffc90004ee7000 by task syz-executor238/5135 [ 64.372503][ T5135] [ 64.374836][ T5135] CPU: 0 PID: 5135 Comm: syz-executor238 Not tainted 6.7.0-rc3-syzkaller-00024-g18d46e76d7c2 #0 [ 64.385258][ T5135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [pid 5136] ioctl(5, LOOP_SET_FD, 4 [pid 5137] <... mount resumed>) = -1 EINVAL (Invalid argument) [ 64.395327][ T5135] Call Trace: [ 64.398617][ T5135] [ 64.401556][ T5135] dump_stack_lvl+0x1e7/0x2d0 [ 64.406271][ T5135] ? nf_tcp_handle_invalid+0x650/0x650 [ 64.411744][ T5135] ? panic+0x850/0x850 [ 64.415918][ T5135] ? _printk+0xd5/0x120 [ 64.420091][ T5135] print_report+0x163/0x540 [ 64.424614][ T5135] ? __virt_addr_valid+0xbd/0x2e0 [ 64.429655][ T5135] ? cleanup_bitmap_list+0x175/0x500 [ 64.432817][ T5136] loop3: detected capacity change from 0 to 256 [ 64.434938][ T5135] kasan_report+0x142/0x170 [pid 5137] ioctl(4, LOOP_CLR_FD [pid 5136] <... ioctl resumed>) = 0 [pid 5136] close(4) = 0 [pid 5136] mkdir("./file0", 0777) = 0 [pid 5136] mount("/dev/loop3", "./file0", "vfat", 0, "nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf"...) = 0 [ 64.434964][ T5135] ? cleanup_bitmap_list+0x175/0x500 [ 64.434987][ T5135] cleanup_bitmap_list+0x175/0x500 [ 64.435003][ T5135] ? __reiserfs_warning+0x153/0x1a0 [ 64.435026][ T5135] free_list_bitmaps+0x48/0x1a0 [ 64.435043][ T5135] free_journal_ram+0xf8/0x3c0 [ 64.470904][ T5135] ? __kmalloc+0xd0/0x1a0 [ 64.475254][ T5135] journal_init+0x311/0x2510 [ 64.479864][ T5135] ? reiserfs_init_bitmap_cache+0xf1/0x180 [ 64.485685][ T5135] reiserfs_fill_super+0x1039/0x2620 [ 64.490998][ T5135] ? reiserfs_kill_sb+0x150/0x150 [ 64.496048][ T5135] ? __down_write_common+0x161/0x200 [ 64.501356][ T5135] mount_bdev+0x237/0x300 [ 64.505698][ T5135] ? reiserfs_kill_sb+0x150/0x150 [ 64.510738][ T5135] ? get_tree_bdev+0x5b0/0x5b0 [ 64.515507][ T5135] ? __kmem_cache_free+0x263/0x3a0 [ 64.520630][ T5135] ? cap_capable+0x1b4/0x240 [ 64.525238][ T5135] legacy_get_tree+0xef/0x190 [ 64.529933][ T5135] ? remove_save_link+0x540/0x540 [ 64.534978][ T5135] vfs_get_tree+0x8c/0x2a0 [ 64.539411][ T5135] do_new_mount+0x28f/0xae0 [ 64.543929][ T5135] ? do_move_mount_old+0x170/0x170 [ 64.549053][ T5135] __se_sys_mount+0x2d9/0x3c0 [ 64.553746][ T5135] ? __x64_sys_mount+0xc0/0xc0 [ 64.558522][ T5135] ? syscall_enter_from_user_mode+0xa4/0x2d0 [ 64.564626][ T5135] ? syscall_enter_from_user_mode+0xf5/0x2d0 [ 64.570639][ T5135] ? __x64_sys_mount+0x20/0xc0 [ 64.575426][ T5135] do_syscall_64+0x45/0x110 [ 64.579952][ T5135] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 64.585872][ T5135] RIP: 0033:0x7f75454aea9a [ 64.590298][ T5135] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 64.610007][ T5135] RSP: 002b:00007ffd7175a088 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 64.618440][ T5135] RAX: ffffffffffffffda RBX: 00007ffd7175a0d0 RCX: 00007f75454aea9a [ 64.626436][ T5135] RDX: 0000000020001100 RSI: 0000000020000000 RDI: 00007ffd7175a0d0 [ 64.634435][ T5135] RBP: 0000000020001100 R08: 00007ffd7175a110 R09: 00000000000010fb [ 64.642419][ T5135] R10: 0000000000000007 R11: 0000000000000286 R12: 0000000000001101 [ 64.650408][ T5135] R13: 00007ffd7175a110 R14: 0000000020000100 R15: 0000000000000004 [ 64.658405][ T5135] [ 64.661433][ T5135] [ 64.663764][ T5135] The buggy address belongs to the virtual mapping at [ 64.663764][ T5135] [ffffc90004edf000, ffffc90004ee8000) created by: [ 64.663764][ T5135] reiserfs_allocate_list_bitmaps+0x50/0x220 [ 64.682794][ T5135] [ 64.685122][ T5135] Memory state around the buggy address: [ 64.690767][ T5135] ffffc90004ee6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 4 [pid 5136] chdir("./file0") = 0 [pid 5136] ioctl(5, LOOP_CLR_FD) = 0 [pid 5136] close(5) = 0 [pid 5136] openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 5 [pid 5136] read(5, "name : cbc(aes)\ndriver : cbc(ecb(aes-aesni))\nmodule : kernel\npriority : 300\n"..., 8224) = 3981 [pid 5136] read(5, "name : __xts(aes)\ndriver : __xts-aes-aesni\nmodule : kernel\npriority : 401\nre"..., 8224) = 3922 [pid 5136] creat("./bus", 000) = 6 [pid 5136] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5136] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 7 [pid 5136] pwritev2(7, [{iov_base="\x85\x2f\x66\x69\x6c\x65\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=2244608}, {iov_base=0x20797469726f6972, iov_len=3473436646628663328}], 2, 5120, RWF_DSYNC [pid 5133] <... pwritev2 resumed>) = 2244608 [pid 5133] exit_group(0) = ? [pid 5134] <... pwritev2 resumed>) = 2244608 [pid 5133] +++ exited with 0 +++ [pid 5134] exit_group(0) = ? [pid 5134] +++ exited with 0 +++ [pid 5064] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5064] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5064] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] getdents64(3, 0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5064] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5064] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5064] getdents64(4, 0x5555565fc730 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(4, [pid 5132] <... pwritev2 resumed>) = 2244608 [pid 5064] <... getdents64 resumed>0x5555565fc730 /* 0 entries */, 32768) = 0 [pid 5132] exit_group(0 [pid 5064] close(4 [pid 5132] <... exit_group resumed>) = ? [pid 5064] <... close resumed>) = 0 [pid 5132] +++ exited with 0 +++ [pid 5064] rmdir("./5/bus") = 0 [pid 5064] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5064] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5064] unlink("./5/binderfs") = 0 [pid 5064] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5061] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5065] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5061] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... openat resumed>) = 3 [ 64.698836][ T5135] ffffc90004ee6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.706909][ T5135] >ffffc90004ee7000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 64.714984][ T5135] ^ [ 64.719056][ T5135] ffffc90004ee7080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 64.727174][ T5135] ffffc90004ee7100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 64.735241][ T5135] ================================================================== [pid 5061] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] newfstatat(3, "", [pid 5061] <... openat resumed>) = 3 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5061] newfstatat(3, "", [pid 5065] getdents64(3, [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5061] getdents64(3, [pid 5065] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... getdents64 resumed>0x5555565f46f0 /* 5 entries */, 32768) = 136 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5061] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] newfstatat(AT_FDCWD, "./5/bus", [pid 5061] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5061] newfstatat(AT_FDCWD, "./5/bus", [pid 5065] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5061] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 64.747375][ T5135] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 64.754594][ T5135] CPU: 0 PID: 5135 Comm: syz-executor238 Not tainted 6.7.0-rc3-syzkaller-00024-g18d46e76d7c2 #0 [ 64.765015][ T5135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 64.775068][ T5135] Call Trace: [ 64.778337][ T5135] [ 64.781257][ T5135] dump_stack_lvl+0x1e7/0x2d0 [ 64.785931][ T5135] ? nf_tcp_handle_invalid+0x650/0x650 [ 64.791382][ T5135] ? panic+0x850/0x850 [ 64.795450][ T5135] ? vscnprintf+0x5d/0x80 [ 64.799865][ T5135] panic+0x349/0x850 [ 64.803843][ T5135] ? check_panic_on_warn+0x21/0xa0 [ 64.808942][ T5135] ? __memcpy_flushcache+0x2b0/0x2b0 [ 64.814224][ T5135] ? _raw_spin_unlock_irqrestore+0x12c/0x140 [ 64.820194][ T5135] ? _raw_spin_unlock+0x40/0x40 [ 64.825040][ T5135] ? print_report+0x4fb/0x540 [ 64.829708][ T5135] check_panic_on_warn+0x82/0xa0 [ 64.834641][ T5135] ? cleanup_bitmap_list+0x175/0x500 [ 64.839917][ T5135] end_report+0x6e/0x140 [ 64.844147][ T5135] kasan_report+0x153/0x170 [ 64.848637][ T5135] ? cleanup_bitmap_list+0x175/0x500 [ 64.853914][ T5135] cleanup_bitmap_list+0x175/0x500 [ 64.859011][ T5135] ? __reiserfs_warning+0x153/0x1a0 [ 64.864205][ T5135] free_list_bitmaps+0x48/0x1a0 [ 64.869053][ T5135] free_journal_ram+0xf8/0x3c0 [ 64.873799][ T5135] ? __kmalloc+0xd0/0x1a0 [ 64.878115][ T5135] journal_init+0x311/0x2510 [ 64.882692][ T5135] ? reiserfs_init_bitmap_cache+0xf1/0x180 [ 64.888572][ T5135] reiserfs_fill_super+0x1039/0x2620 [ 64.893851][ T5135] ? reiserfs_kill_sb+0x150/0x150 [ 64.898868][ T5135] ? __down_write_common+0x161/0x200 [ 64.904144][ T5135] mount_bdev+0x237/0x300 [ 64.908463][ T5135] ? reiserfs_kill_sb+0x150/0x150 [ 64.913476][ T5135] ? get_tree_bdev+0x5b0/0x5b0 [ 64.918228][ T5135] ? __kmem_cache_free+0x263/0x3a0 [ 64.923336][ T5135] ? cap_capable+0x1b4/0x240 [ 64.927915][ T5135] legacy_get_tree+0xef/0x190 [ 64.932582][ T5135] ? remove_save_link+0x540/0x540 [ 64.937594][ T5135] vfs_get_tree+0x8c/0x2a0 [ 64.941995][ T5135] do_new_mount+0x28f/0xae0 [ 64.946486][ T5135] ? do_move_mount_old+0x170/0x170 [ 64.951589][ T5135] __se_sys_mount+0x2d9/0x3c0 [ 64.956256][ T5135] ? __x64_sys_mount+0xc0/0xc0 [ 64.961008][ T5135] ? syscall_enter_from_user_mode+0xa4/0x2d0 [ 64.966980][ T5135] ? syscall_enter_from_user_mode+0xf5/0x2d0 [ 64.972948][ T5135] ? __x64_sys_mount+0x20/0xc0 [ 64.977701][ T5135] do_syscall_64+0x45/0x110 [ 64.982204][ T5135] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 64.988089][ T5135] RIP: 0033:0x7f75454aea9a [ 64.992491][ T5135] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 65.012084][ T5135] RSP: 002b:00007ffd7175a088 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 65.020482][ T5135] RAX: ffffffffffffffda RBX: 00007ffd7175a0d0 RCX: 00007f75454aea9a [ 65.028439][ T5135] RDX: 0000000020001100 RSI: 0000000020000000 RDI: 00007ffd7175a0d0 [ 65.036394][ T5135] RBP: 0000000020001100 R08: 00007ffd7175a110 R09: 00000000000010fb [ 65.044350][ T5135] R10: 0000000000000007 R11: 0000000000000286 R12: 0000000000001101 [ 65.052306][ T5135] R13: 00007ffd7175a110 R14: 0000000020000100 R15: 0000000000000004 [ 65.060273][ T5135] [ 65.063469][ T5135] Kernel Offset: disabled [ 65.067774][ T5135] Rebooting in 86400 seconds..