./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3831783712 <...> Warning: Permanently added '10.128.0.40' (ED25519) to the list of known hosts. execve("./syz-executor3831783712", ["./syz-executor3831783712"], 0x7ffe0ae0a130 /* 10 vars */) = 0 brk(NULL) = 0x555556d0c000 brk(0x555556d0cd00) = 0x555556d0cd00 arch_prctl(ARCH_SET_FS, 0x555556d0c380) = 0 set_tid_address(0x555556d0c650) = 5064 set_robust_list(0x555556d0c660, 24) = 0 rseq(0x555556d0cca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3831783712", 4096) = 28 getrandom("\x70\x31\x0c\x87\xe0\x67\x43\x36", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556d0cd00 brk(0x555556d2dd00) = 0x555556d2dd00 brk(0x555556d2e000) = 0x555556d2e000 mprotect(0x7f7172fce000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached [pid 5065] set_robust_list(0x555556d0c660, 24 [pid 5064] <... clone resumed>, child_tidptr=0x555556d0c650) = 5065 [pid 5065] <... set_robust_list resumed>) = 0 [pid 5065] mkdir("./syzkaller.nfmKeW", 0700 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached , child_tidptr=0x555556d0c650) = 5066 [pid 5066] set_robust_list(0x555556d0c660, 24 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... set_robust_list resumed>) = 0 [pid 5066] mkdir("./syzkaller.KwXLbQ", 0700 [pid 5065] <... mkdir resumed>) = 0 [pid 5065] chmod("./syzkaller.nfmKeW", 0777./strace-static-x86_64: Process 5067 attached [pid 5064] <... clone resumed>, child_tidptr=0x555556d0c650) = 5067 [pid 5067] set_robust_list(0x555556d0c660, 24 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... set_robust_list resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5065] <... chmod resumed>) = 0 [pid 5067] mkdir("./syzkaller.P27JwQ", 0700./strace-static-x86_64: Process 5068 attached [pid 5066] chmod("./syzkaller.KwXLbQ", 0777 [pid 5065] chdir("./syzkaller.nfmKeW" [pid 5064] <... clone resumed>, child_tidptr=0x555556d0c650) = 5068 [pid 5068] set_robust_list(0x555556d0c660, 24 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] <... chdir resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] chmod("./syzkaller.P27JwQ", 0777 [pid 5066] <... chmod resumed>) = 0 [pid 5065] mkdir("./0", 0777 [pid 5068] <... set_robust_list resumed>) = 0 [pid 5067] <... chmod resumed>) = 0 [pid 5068] mkdir("./syzkaller.71Wrx0", 0700./strace-static-x86_64: Process 5069 attached [pid 5067] chdir("./syzkaller.P27JwQ" [pid 5066] chdir("./syzkaller.KwXLbQ" [pid 5065] <... mkdir resumed>) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556d0c650) = 5069 [pid 5069] set_robust_list(0x555556d0c660, 24 [pid 5067] <... chdir resumed>) = 0 [pid 5066] <... chdir resumed>) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... set_robust_list resumed>) = 0 [pid 5067] mkdir("./0", 0777 [pid 5069] mkdir("./syzkaller.RWivaJ", 0700 [pid 5068] <... mkdir resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5066] mkdir("./0", 0777 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5070 attached [pid 5070] set_robust_list(0x555556d0c660, 24 [pid 5064] <... clone resumed>, child_tidptr=0x555556d0c650) = 5070 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] chmod("./syzkaller.71Wrx0", 0777 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5066] <... mkdir resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5070] mkdir("./syzkaller.yq3nix", 0700 [pid 5069] chmod("./syzkaller.RWivaJ", 0777 [pid 5067] <... openat resumed>) = 3 [pid 5069] <... chmod resumed>) = 0 [pid 5069] chdir("./syzkaller.RWivaJ") = 0 [pid 5068] <... chmod resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5070] <... mkdir resumed>) = 0 [pid 5069] mkdir("./0", 0777 [pid 5068] chdir("./syzkaller.71Wrx0" [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... openat resumed>) = 3 [pid 5070] chmod("./syzkaller.yq3nix", 0777 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] <... chdir resumed>) = 0 [pid 5067] close(3 [pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5070] <... chmod resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5068] mkdir("./0", 0777 [pid 5067] <... close resumed>) = 0 [pid 5065] close(3 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] chdir("./syzkaller.yq3nix" [pid 5069] <... openat resumed>) = 3 [pid 5068] <... mkdir resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] close(3 [pid 5065] <... close resumed>) = 0 [pid 5070] <... chdir resumed>) = 0 [pid 5070] mkdir("./0", 0777) = 0 ./strace-static-x86_64: Process 5071 attached [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] set_robust_list(0x555556d0c660, 24 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... openat resumed>) = 3 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 5071 [pid 5071] <... set_robust_list resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5069] close(3./strace-static-x86_64: Process 5073 attached [pid 5071] chdir("./0" [pid 5068] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5074 attached [pid 5073] set_robust_list(0x555556d0c660, 24 [pid 5071] <... chdir resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5069] <... close resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5073 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 5074 [pid 5074] set_robust_list(0x555556d0c660, 24 [pid 5073] <... set_robust_list resumed>) = 0 [pid 5074] <... set_robust_list resumed>) = 0 [pid 5073] chdir("./0" [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] close(3 [pid 5074] chdir("./0" [pid 5073] <... chdir resumed>) = 0 [pid 5071] <... prctl resumed>) = 0 [pid 5074] <... chdir resumed>) = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5075 attached ) = 0 [pid 5073] <... prctl resumed>) = 0 [pid 5071] setpgid(0, 0 [pid 5070] close(3 [pid 5068] <... close resumed>) = 0 [pid 5074] setpgid(0, 0 [pid 5073] setpgid(0, 0 [pid 5071] <... setpgid resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5075] set_robust_list(0x555556d0c660, 24 [pid 5074] <... setpgid resumed>) = 0 [pid 5073] <... setpgid resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 5075 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... set_robust_list resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5077 attached ./strace-static-x86_64: Process 5076 attached [pid 5075] chdir("./0" [pid 5073] <... openat resumed>) = 3 [pid 5077] set_robust_list(0x555556d0c660, 24 [pid 5076] set_robust_list(0x555556d0c660, 24 [pid 5075] <... chdir resumed>) = 0 [pid 5073] write(3, "1000", 4 [pid 5071] write(3, "1000", 4 [pid 5077] <... set_robust_list resumed>) = 0 [pid 5076] <... set_robust_list resumed>) = 0 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... write resumed>) = 4 [pid 5071] <... write resumed>) = 4 [pid 5074] <... openat resumed>) = 3 [pid 5077] chdir("./0" [pid 5076] chdir("./0" [pid 5075] <... prctl resumed>) = 0 [pid 5073] close(3 [pid 5071] close(3 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5076 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 5077 [pid 5077] <... chdir resumed>) = 0 [pid 5076] <... chdir resumed>) = 0 [pid 5075] setpgid(0, 0 [pid 5074] write(3, "1000", 4 [pid 5073] <... close resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] <... setpgid resumed>) = 0 [pid 5074] <... write resumed>) = 4 [pid 5073] symlink("/dev/binderfs", "./binderfs" [pid 5071] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... prctl resumed>) = 0 [pid 5076] <... prctl resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] close(3 [pid 5073] <... symlink resumed>) = 0 [pid 5071] <... symlink resumed>) = 0 [pid 5077] setpgid(0, 0 [pid 5076] setpgid(0, 0 [pid 5075] <... openat resumed>) = 3 [pid 5074] <... close resumed>) = 0 [pid 5073] memfd_create("syzkaller", 0 [pid 5077] <... setpgid resumed>) = 0 [pid 5076] <... setpgid resumed>) = 0 [pid 5075] write(3, "1000", 4 [pid 5074] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... memfd_create resumed>) = 3 [pid 5071] memfd_create("syzkaller", 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] <... write resumed>) = 4 [pid 5077] <... openat resumed>) = 3 [pid 5075] close(3 [pid 5071] <... memfd_create resumed>) = 3 [pid 5077] write(3, "1000", 4 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] <... close resumed>) = 0 [pid 5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... write resumed>) = 4 [pid 5075] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... symlink resumed>) = 0 [pid 5077] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5074] memfd_create("syzkaller", 0 [pid 5073] <... mmap resumed>) = 0x7f716ab16000 [pid 5071] <... mmap resumed>) = 0x7f716ab16000 [pid 5077] <... close resumed>) = 0 [pid 5076] write(3, "1000", 4 [pid 5075] <... symlink resumed>) = 0 [pid 5077] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] <... write resumed>) = 4 [pid 5075] memfd_create("syzkaller", 0 [pid 5074] <... memfd_create resumed>) = 3 [pid 5075] <... memfd_create resumed>) = 3 [pid 5077] memfd_create("syzkaller", 0 [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5076] close(3 [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... memfd_create resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5074] <... mmap resumed>) = 0x7f716ab16000 [pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... mmap resumed>) = 0x7f716ab16000 [pid 5076] <... symlink resumed>) = 0 [pid 5076] memfd_create("syzkaller", 0) = 3 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5074] <... write resumed>) = 16777216 [pid 5073] <... write resumed>) = 16777216 [pid 5073] munmap(0x7f716ab16000, 138412032 [pid 5076] <... write resumed>) = 16777216 [pid 5074] munmap(0x7f716ab16000, 138412032 [pid 5071] <... write resumed>) = 16777216 [pid 5071] munmap(0x7f716ab16000, 138412032 [pid 5077] <... write resumed>) = 16777216 [pid 5076] munmap(0x7f716ab16000, 138412032 [pid 5075] <... write resumed>) = 16777216 [pid 5074] <... munmap resumed>) = 0 [pid 5073] <... munmap resumed>) = 0 [pid 5071] <... munmap resumed>) = 0 [pid 5077] munmap(0x7f716ab16000, 138412032 [pid 5073] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] munmap(0x7f716ab16000, 138412032) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5071] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5074] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... munmap resumed>) = 0 [pid 5076] <... munmap resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5073] <... openat resumed>) = 4 [pid 5077] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] <... openat resumed>) = 4 [pid 5073] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 4 [pid 5074] <... ioctl resumed>) = 0 [pid 5071] <... openat resumed>) = 4 [pid 5074] close(3 [pid 5071] ioctl(4, LOOP_SET_FD, 3 [pid 5077] ioctl(4, LOOP_SET_FD, 3 [pid 5076] ioctl(4, LOOP_SET_FD, 3 [pid 5075] ioctl(4, LOOP_SET_FD, 3 [pid 5074] <... close resumed>) = 0 [pid 5073] <... ioctl resumed>) = 0 [pid 5074] mkdir("./bus", 0777) = 0 [pid 5074] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5071] <... ioctl resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5073] close(3 [pid 5077] close(3 [pid 5071] close(3 [pid 5077] <... close resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5077] mkdir("./bus", 0777 [pid 5076] close(3 [pid 5071] mkdir("./bus", 0777 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5076] mkdir("./bus", 0777) = 0 [ 69.150478][ T5074] loop0: detected capacity change from 0 to 32768 [ 69.154745][ T5073] loop1: detected capacity change from 0 to 32768 [ 69.161157][ T5071] loop2: detected capacity change from 0 to 32768 [ 69.165598][ T5077] loop3: detected capacity change from 0 to 32768 [ 69.178153][ T5075] loop4: detected capacity change from 0 to 32768 [ 69.180258][ T5076] loop5: detected capacity change from 0 to 32768 [pid 5077] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5071] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5076] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5073] <... close resumed>) = 0 [pid 5075] close(3 [pid 5073] mkdir("./bus", 0777 [pid 5075] <... close resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5075] mkdir("./bus", 0777 [pid 5073] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5075] <... mkdir resumed>) = 0 [ 69.186151][ T5074] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5074) [ 69.213454][ T5071] BTRFS: device /dev/loop2 using temp-fsid 35e89342-b261-4184-a66a-e016d4bbd2c2 [ 69.225032][ T5071] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5071) [ 69.239572][ T5074] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 69.242438][ T5076] BTRFS: device /dev/loop5 using temp-fsid 59dbb67c-1f7d-4e67-8bdc-6189fe32ccdd [ 69.250314][ T5074] BTRFS info (device loop0): enabling auto defrag [ 69.258283][ T5071] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 69.264593][ T5076] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5076) [ 69.272542][ T5071] BTRFS info (device loop2): enabling auto defrag [ 69.285774][ T5074] BTRFS info (device loop0): enabling disk space caching [ 69.291828][ T5071] BTRFS info (device loop2): enabling disk space caching [ 69.299473][ T5074] BTRFS info (device loop0): max_inline at 0 [ 69.306067][ T5071] BTRFS info (device loop2): max_inline at 0 [ 69.313756][ T5074] BTRFS info (device loop0): force clearing of disk cache [ 69.318090][ T5071] BTRFS info (device loop2): force clearing of disk cache [ 69.325998][ T5074] BTRFS info (device loop0): turning on sync discard [ 69.332543][ T5071] BTRFS info (device loop2): turning on sync discard [ 69.346918][ T5071] BTRFS info (device loop2): disk space caching is enabled [ 69.347115][ T5076] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 69.356846][ T5074] BTRFS info (device loop0): disk space caching is enabled [ 69.364048][ T5077] BTRFS: device /dev/loop3 using temp-fsid eeee61d8-c343-44aa-aa72-51d9ea5e176e [ 69.372069][ T5076] BTRFS info (device loop5): enabling auto defrag [ 69.380089][ T5077] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5077) [ 69.387540][ T5076] BTRFS info (device loop5): enabling disk space caching [ 69.406311][ T5076] BTRFS info (device loop5): max_inline at 0 [ 69.408460][ T5073] BTRFS: device /dev/loop1 using temp-fsid 674b4665-e6f4-4885-99fc-0bad020de85c [ 69.412440][ T5076] BTRFS info (device loop5): force clearing of disk cache [ 69.424978][ T5077] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 69.428519][ T5076] BTRFS info (device loop5): turning on sync discard [ 69.444629][ T5077] BTRFS info (device loop3): enabling auto defrag [ 69.446085][ T5073] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5073) [ 69.452738][ T5076] BTRFS info (device loop5): disk space caching is enabled [ 69.472622][ T5077] BTRFS info (device loop3): enabling disk space caching [ 69.479718][ T5077] BTRFS info (device loop3): max_inline at 0 [ 69.488341][ T5077] BTRFS info (device loop3): force clearing of disk cache [ 69.493039][ T5073] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 69.495665][ T5077] BTRFS info (device loop3): turning on sync discard [ 69.506081][ T5075] BTRFS: device /dev/loop4 using temp-fsid 55d66b01-5115-4837-a627-c810f51830c4 [ 69.511490][ T5073] BTRFS info (device loop1): enabling auto defrag [ 69.520004][ T5075] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5075) [ 69.526309][ T5073] BTRFS info (device loop1): enabling disk space caching [ 69.541753][ T5077] BTRFS info (device loop3): disk space caching is enabled [ 69.548449][ T5073] BTRFS info (device loop1): max_inline at 0 [ 69.561564][ T5073] BTRFS info (device loop1): force clearing of disk cache [ 69.570938][ T5073] BTRFS info (device loop1): turning on sync discard [ 69.581073][ T5073] BTRFS info (device loop1): disk space caching is enabled [ 69.594570][ T5075] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 69.596526][ T5071] BTRFS info (device loop2): enabling ssd optimizations [ 69.605434][ T5075] BTRFS info (device loop4): enabling auto defrag [ 69.612521][ T5074] BTRFS info (device loop0): enabling ssd optimizations [ 69.618550][ T5075] BTRFS info (device loop4): enabling disk space caching [ 69.629173][ T5071] BTRFS info (device loop2): rebuilding free space tree [ 69.631284][ T5074] BTRFS info (device loop0): rebuilding free space tree [ 69.660479][ T5075] BTRFS info (device loop4): max_inline at 0 [ 69.671349][ T5074] BTRFS info (device loop0): disabling free space tree [ 69.679915][ T5074] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 69.690489][ T5074] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 69.692184][ T5076] BTRFS info (device loop5): enabling ssd optimizations [pid 5075] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5074] <... mount resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5074] chdir("./bus") = 0 [pid 5074] ioctl(4, LOOP_CLR_FD) = 0 [pid 5074] close(4) = 0 [pid 5074] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 69.705522][ T5075] BTRFS info (device loop4): force clearing of disk cache [ 69.715775][ T5071] BTRFS info (device loop2): disabling free space tree [ 69.724822][ T5071] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 69.735228][ T5071] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 69.750613][ T5075] BTRFS info (device loop4): turning on sync discard [pid 5074] pwrite64(4, "2", 1, 55022 [pid 5071] <... mount resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5071] chdir("./bus") = 0 [pid 5071] ioctl(4, LOOP_CLR_FD) = 0 [pid 5071] close(4) = 0 [pid 5071] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 69.762711][ T5075] BTRFS info (device loop4): disk space caching is enabled [ 69.762774][ T5073] BTRFS info (device loop1): enabling ssd optimizations [ 69.781864][ T5076] BTRFS info (device loop5): rebuilding free space tree [ 69.792756][ T5077] BTRFS info (device loop3): enabling ssd optimizations [pid 5071] pwrite64(4, "2", 1, 55022 [pid 5074] <... pwrite64 resumed>) = 1 [ 69.836163][ T5077] BTRFS info (device loop3): rebuilding free space tree [ 69.863632][ T5073] BTRFS info (device loop1): rebuilding free space tree [ 69.876288][ T5076] BTRFS info (device loop5): disabling free space tree [pid 5074] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5074] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5071] <... pwrite64 resumed>) = 1 [pid 5074] <... write resumed>) = 65191 [pid 5071] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5071] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5074] ftruncate(5, 43006 [pid 5071] ftruncate(5, 43006 [pid 5074] <... ftruncate resumed>) = 0 [pid 5074] exit_group(0) = ? [pid 5074] +++ exited with 0 +++ [pid 5071] <... ftruncate resumed>) = 0 [pid 5071] exit_group(0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=44 /* 0.44 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 69.878360][ T5077] BTRFS info (device loop3): disabling free space tree [ 69.894279][ T5077] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 69.906484][ T5077] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5077] <... mount resumed>) = 0 [pid 5071] <... exit_group resumed>) = ? [pid 5065] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5071] +++ exited with 0 +++ [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... openat resumed>) = 3 [pid 5077] chdir("./bus" [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5071, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=39 /* 0.39 s */} --- [pid 5065] <... openat resumed>) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... chdir resumed>) = 0 [ 69.928338][ T5076] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 69.941960][ T5073] BTRFS info (device loop1): disabling free space tree [ 69.948968][ T5073] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 69.959523][ T5073] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 69.970204][ T5075] BTRFS info (device loop4): enabling ssd optimizations [pid 5077] ioctl(4, LOOP_CLR_FD) = 0 [pid 5077] close(4) = 0 [pid 5077] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5077] pwrite64(4, "2", 1, 55022) = 1 [pid 5077] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5077] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5077] ftruncate(5, 43006) = 0 [ 69.974943][ T5076] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 69.996413][ T5075] BTRFS info (device loop4): rebuilding free space tree [pid 5077] exit_group(0) = ? [pid 5077] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=34 /* 0.34 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... mount resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5073] chdir("./bus") = 0 [pid 5073] ioctl(4, LOOP_CLR_FD [pid 5076] <... mount resumed>) = 0 [pid 5073] <... ioctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5073] close(4) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5073] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5076] chdir("./bus") = 0 [pid 5076] ioctl(4, LOOP_CLR_FD) = 0 [pid 5076] close(4 [pid 5075] <... mount resumed>) = 0 [pid 5073] pwrite64(4, "2", 1, 55022 [pid 5075] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [ 70.071059][ T5075] BTRFS info (device loop4): disabling free space tree [ 70.078047][ T5075] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 70.100826][ T5075] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5076] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5075] <... openat resumed>) = 3 [pid 5075] chdir("./bus" [pid 5076] <... open resumed>) = 4 [pid 5075] <... chdir resumed>) = 0 [pid 5076] pwrite64(4, "2", 1, 55022 [pid 5075] ioctl(4, LOOP_CLR_FD) = 0 [pid 5075] close(4) = 0 [pid 5075] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5073] <... pwrite64 resumed>) = 1 [pid 5073] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5073] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5075] pwrite64(4, "2", 1, 55022 [pid 5073] <... write resumed>) = 65191 [pid 5073] ftruncate(5, 43006 [pid 5076] <... pwrite64 resumed>) = 1 [pid 5075] <... pwrite64 resumed>) = 1 [pid 5073] <... ftruncate resumed>) = 0 [pid 5075] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5076] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5075] <... openat resumed>) = 5 [pid 5073] exit_group(0 [pid 5076] <... openat resumed>) = 5 [pid 5075] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5073] <... exit_group resumed>) = ? [pid 5073] +++ exited with 0 +++ [pid 5065] <... umount2 resumed>) = 0 [pid 5075] <... write resumed>) = 65191 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=40 /* 0.40 s */} --- [pid 5066] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5066] <... openat resumed>) = 3 [pid 5065] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] newfstatat(3, "", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] newfstatat(AT_FDCWD, "./0/bus", [pid 5075] ftruncate(5, 43006 [pid 5066] getdents64(3, [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... write resumed>) = 65191 [pid 5066] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] ftruncate(5, 43006 [pid 5075] <... ftruncate resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5075] exit_group(0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] newfstatat(4, "", [pid 5067] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(4, [pid 5067] newfstatat(AT_FDCWD, "./0/bus", [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] getdents64(4, [pid 5067] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... exit_group resumed>) = ? [pid 5065] close(4 [pid 5067] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5065] rmdir("./0/bus" [pid 5067] newfstatat(4, "", [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5075] +++ exited with 0 +++ [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5076] <... ftruncate resumed>) = 0 [pid 5069] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] close(4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... close resumed>) = 0 [pid 5065] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5067] rmdir("./0/bus" [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] unlink("./0/binderfs" [pid 5069] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... unlink resumed>) = 0 [pid 5067] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] getdents64(3, [pid 5067] unlink("./0/binderfs" [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5065] close(3) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] rmdir("./0" [pid 5067] close(3 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./0" [pid 5076] exit_group(0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] mkdir("./1", 0777) = 0 [pid 5067] mkdir("./1", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5076] <... exit_group resumed>) = ? [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5065] <... openat resumed>) = 3 [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5175 attached [pid 5076] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=45 /* 0.45 s */} --- [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 5174 [pid 5175] set_robust_list(0x555556d0c660, 24./strace-static-x86_64: Process 5174 attached [pid 5070] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5174] set_robust_list(0x555556d0c660, 24 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 5175 [pid 5174] <... set_robust_list resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5174] chdir("./1" [pid 5070] newfstatat(3, "", [pid 5175] <... set_robust_list resumed>) = 0 [pid 5174] <... chdir resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5175] chdir("./1" [pid 5070] getdents64(3, [pid 5174] <... prctl resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5174] setpgid(0, 0) = 0 [pid 5175] <... chdir resumed>) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5174] <... openat resumed>) = 3 [pid 5174] write(3, "1000", 4) = 4 [pid 5174] close(3) = 0 [pid 5174] symlink("/dev/binderfs", "./binderfs" [pid 5175] <... prctl resumed>) = 0 [pid 5174] <... symlink resumed>) = 0 [pid 5175] setpgid(0, 0) = 0 [pid 5174] memfd_create("syzkaller", 0) = 3 [pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5175] <... openat resumed>) = 3 [pid 5175] write(3, "1000", 4) = 4 [pid 5175] close(3) = 0 [pid 5175] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5175] memfd_create("syzkaller", 0) = 3 [pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./0/bus") = 0 [pid 5068] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./0/binderfs" [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... unlink resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(3, [pid 5066] newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] rmdir("./0/bus") = 0 [pid 5066] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./0/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./0") = 0 [pid 5066] mkdir("./1", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] close(3) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5177 [pid 5068] rmdir("./0"./strace-static-x86_64: Process 5177 attached ) = 0 [pid 5177] set_robust_list(0x555556d0c660, 24) = 0 [pid 5177] chdir("./1") = 0 [pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5177] setpgid(0, 0 [pid 5068] mkdir("./1", 0777) = 0 [pid 5177] <... setpgid resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5177] <... openat resumed>) = 3 [pid 5068] <... ioctl resumed>) = 0 [pid 5068] close(3 [pid 5177] write(3, "1000", 4) = 4 [pid 5177] close(3) = 0 [pid 5177] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5177] memfd_create("syzkaller", 0) = 3 [pid 5068] <... close resumed>) = 0 [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5181 attached , child_tidptr=0x555556d0c650) = 5181 [pid 5181] set_robust_list(0x555556d0c660, 24) = 0 [pid 5181] chdir("./1") = 0 [pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5181] setpgid(0, 0) = 0 [pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5181] write(3, "1000", 4) = 4 [pid 5181] close(3) = 0 [pid 5181] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5181] memfd_create("syzkaller", 0) = 3 [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5175] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(AT_FDCWD, "./0/bus", [pid 5069] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] umount2("./0/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... openat resumed>) = 4 [pid 5069] getdents64(4, [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5070] getdents64(4, [pid 5069] rmdir("./0/bus" [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] <... rmdir resumed>) = 0 [pid 5069] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... close resumed>) = 0 [pid 5070] rmdir("./0/bus" [pid 5069] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] unlink("./0/binderfs") = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./0" [pid 5070] unlink("./0/binderfs" [pid 5069] <... rmdir resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5070] getdents64(3, [pid 5069] mkdir("./1", 0777 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./0" [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5070] mkdir("./1", 0777 [pid 5069] close(3) = 0 [pid 5175] <... write resumed>) = 16777216 [pid 5070] <... mkdir resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 5183 [pid 5070] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5070] close(3./strace-static-x86_64: Process 5183 attached ) = 0 [pid 5183] set_robust_list(0x555556d0c660, 24 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5183] <... set_robust_list resumed>) = 0 [pid 5183] chdir("./1") = 0 [pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5175] munmap(0x7f716ab16000, 138412032 [pid 5183] setpgid(0, 0./strace-static-x86_64: Process 5184 attached ) = 0 [pid 5175] <... munmap resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5184 [pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5175] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5184] set_robust_list(0x555556d0c660, 24 [pid 5183] <... openat resumed>) = 3 [pid 5175] <... openat resumed>) = 4 [pid 5183] write(3, "1000", 4 [pid 5175] ioctl(4, LOOP_SET_FD, 3 [pid 5184] <... set_robust_list resumed>) = 0 [pid 5184] chdir("./1") = 0 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5184] setpgid(0, 0) = 0 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5184] write(3, "1000", 4) = 4 [pid 5184] close(3) = 0 [pid 5184] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5184] memfd_create("syzkaller", 0) = 3 [pid 5183] <... write resumed>) = 4 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5183] close(3 [pid 5184] <... mmap resumed>) = 0x7f716ab16000 [pid 5183] <... close resumed>) = 0 [pid 5183] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5175] <... ioctl resumed>) = 0 [pid 5183] memfd_create("syzkaller", 0 [pid 5175] close(3 [pid 5183] <... memfd_create resumed>) = 3 [pid 5175] <... close resumed>) = 0 [ 71.339919][ T5175] loop0: detected capacity change from 0 to 32768 [pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5175] mkdir("./bus", 0777) = 0 [pid 5175] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5183] <... mmap resumed>) = 0x7f716ab16000 [ 71.405534][ T5175] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5175) [pid 5174] <... write resumed>) = 16777216 [pid 5174] munmap(0x7f716ab16000, 138412032) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 71.479653][ T5175] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 71.490975][ T5175] BTRFS info (device loop0): enabling auto defrag [ 71.510603][ T5175] BTRFS info (device loop0): enabling disk space caching [pid 5174] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5174] close(3) = 0 [pid 5174] mkdir("./bus", 0777) = 0 [ 71.540662][ T5175] BTRFS info (device loop0): max_inline at 0 [ 71.546694][ T5175] BTRFS info (device loop0): force clearing of disk cache [ 71.555079][ T5174] loop2: detected capacity change from 0 to 32768 [ 71.573493][ T5175] BTRFS info (device loop0): turning on sync discard [ 71.580371][ T5175] BTRFS info (device loop0): disk space caching is enabled [ 71.602243][ T5174] BTRFS: device /dev/loop2 using temp-fsid 4142c36e-cb4c-4673-9207-244b004feefb [pid 5174] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5181] <... write resumed>) = 16777216 [pid 5181] munmap(0x7f716ab16000, 138412032 [pid 5177] <... write resumed>) = 16777216 [pid 5177] munmap(0x7f716ab16000, 138412032 [pid 5183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5181] <... munmap resumed>) = 0 [pid 5181] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5181] ioctl(4, LOOP_SET_FD, 3 [pid 5177] <... munmap resumed>) = 0 [pid 5177] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5177] ioctl(4, LOOP_SET_FD, 3 [pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5181] <... ioctl resumed>) = 0 [pid 5177] <... ioctl resumed>) = 0 [pid 5181] close(3 [pid 5177] close(3 [pid 5181] <... close resumed>) = 0 [pid 5177] <... close resumed>) = 0 [pid 5181] mkdir("./bus", 0777 [ 71.654931][ T5174] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5174) [ 71.686711][ T5181] loop3: detected capacity change from 0 to 32768 [ 71.697387][ T5177] loop1: detected capacity change from 0 to 32768 [pid 5177] mkdir("./bus", 0777 [pid 5181] <... mkdir resumed>) = 0 [pid 5177] <... mkdir resumed>) = 0 [pid 5181] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 71.733966][ T5181] BTRFS: device /dev/loop3 using temp-fsid 23c6448d-8686-425f-b327-3fe4a18e1673 [ 71.745663][ T5175] BTRFS info (device loop0): enabling ssd optimizations [ 71.754513][ T5174] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 71.772108][ T5181] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5181) [ 71.785006][ T5174] BTRFS info (device loop2): enabling auto defrag [ 71.785606][ T5175] BTRFS info (device loop0): rebuilding free space tree [ 71.804468][ T5174] BTRFS info (device loop2): enabling disk space caching [ 71.809809][ T5175] BTRFS info (device loop0): disabling free space tree [ 71.820106][ T5175] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 71.830344][ T5174] BTRFS info (device loop2): max_inline at 0 [ 71.842928][ T5177] BTRFS: device /dev/loop1 using temp-fsid fe26a8e8-ab11-4840-9eef-fcf3b8e53584 [ 71.850572][ T5174] BTRFS info (device loop2): force clearing of disk cache [ 71.860681][ T5175] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 71.871604][ T5181] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [pid 5177] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5175] <... mount resumed>) = 0 [pid 5175] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5175] chdir("./bus") = 0 [pid 5175] ioctl(4, LOOP_CLR_FD) = 0 [ 71.880039][ T5181] BTRFS info (device loop3): enabling auto defrag [ 71.880589][ T5174] BTRFS info (device loop2): turning on sync discard [ 71.887664][ T5181] BTRFS info (device loop3): enabling disk space caching [ 71.901146][ T5177] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5177) [ 71.916401][ T5181] BTRFS info (device loop3): max_inline at 0 [pid 5175] close(4 [pid 5183] <... write resumed>) = 16777216 [pid 5175] <... close resumed>) = 0 [pid 5183] munmap(0x7f716ab16000, 138412032 [pid 5175] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5183] <... munmap resumed>) = 0 [pid 5175] <... open resumed>) = 4 [pid 5175] pwrite64(4, "2", 1, 55022 [ 71.928499][ T5174] BTRFS info (device loop2): disk space caching is enabled [ 71.946287][ T5181] BTRFS info (device loop3): force clearing of disk cache [ 71.954142][ T5177] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 71.972534][ T5181] BTRFS info (device loop3): turning on sync discard [pid 5183] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5183] ioctl(4, LOOP_SET_FD, 3 [pid 5175] <... pwrite64 resumed>) = 1 [pid 5183] <... ioctl resumed>) = 0 [pid 5175] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5183] close(3) = 0 [pid 5175] <... openat resumed>) = 5 [pid 5183] mkdir("./bus", 0777 [pid 5175] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5183] <... mkdir resumed>) = 0 [pid 5175] <... write resumed>) = 65191 [pid 5183] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5175] ftruncate(5, 43006) = 0 [pid 5175] exit_group(0) = ? [ 71.980384][ T5181] BTRFS info (device loop3): disk space caching is enabled [ 71.988756][ T5183] loop4: detected capacity change from 0 to 32768 [ 71.998633][ T5177] BTRFS info (device loop1): enabling auto defrag [ 72.023835][ T5183] BTRFS: device /dev/loop4 using temp-fsid 4fe649e2-12ff-4017-8bbe-ec6210408981 [pid 5175] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=31 /* 0.31 s */} --- [pid 5184] <... write resumed>) = 16777216 [pid 5065] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5184] munmap(0x7f716ab16000, 138412032) = 0 [pid 5184] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 72.053547][ T5183] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5183) [pid 5184] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5184] close(3) = 0 [pid 5184] mkdir("./bus", 0777) = 0 [ 72.096280][ T5184] loop5: detected capacity change from 0 to 32768 [ 72.128720][ T5184] BTRFS: device /dev/loop5 using temp-fsid 7337d8f4-2693-4004-bbd9-becd2ffe1c09 [pid 5184] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 72.162171][ T5184] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5184) [pid 5065] newfstatat(AT_FDCWD, "./1/bus", [pid 5174] <... mount resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5174] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5065] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5174] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 4 [pid 5174] chdir("./bus" [pid 5065] newfstatat(4, "", [pid 5174] <... chdir resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5174] ioctl(4, LOOP_CLR_FD [pid 5065] getdents64(4, [pid 5177] <... mount resumed>) = 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5177] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5174] close(4 [pid 5065] getdents64(4, [pid 5177] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5177] chdir("./bus" [pid 5065] close(4 [pid 5174] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5177] <... chdir resumed>) = 0 [pid 5174] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] rmdir("./1/bus" [pid 5177] ioctl(4, LOOP_CLR_FD [pid 5065] <... rmdir resumed>) = 0 [pid 5177] <... ioctl resumed>) = 0 [pid 5065] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5177] close(4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] <... close resumed>) = 0 [pid 5174] <... open resumed>) = 4 [pid 5065] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5177] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5177] <... open resumed>) = 4 [pid 5065] unlink("./1/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5181] <... mount resumed>) = 0 [pid 5177] pwrite64(4, "2", 1, 55022 [pid 5065] close(3 [pid 5174] pwrite64(4, "2", 1, 55022 [pid 5065] <... close resumed>) = 0 [pid 5181] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5065] rmdir("./1" [pid 5181] <... openat resumed>) = 3 [pid 5065] <... rmdir resumed>) = 0 [pid 5181] chdir("./bus") = 0 [pid 5065] mkdir("./2", 0777 [pid 5181] ioctl(4, LOOP_CLR_FD) = 0 [pid 5181] close(4) = 0 [pid 5181] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... mkdir resumed>) = 0 [pid 5177] <... pwrite64 resumed>) = 1 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5177] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5065] <... openat resumed>) = 3 [pid 5181] <... open resumed>) = 4 [pid 5177] <... openat resumed>) = 5 [pid 5174] <... pwrite64 resumed>) = 1 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5174] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5181] pwrite64(4, "2", 1, 55022 [pid 5177] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5174] <... openat resumed>) = 5 [pid 5065] <... ioctl resumed>) = 0 [pid 5177] <... write resumed>) = 65191 [pid 5174] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5065] close(3 [pid 5177] ftruncate(5, 43006 [pid 5174] ftruncate(5, 43006 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5181] <... pwrite64 resumed>) = 1 [pid 5177] <... ftruncate resumed>) = 0 [pid 5174] <... ftruncate resumed>) = 0 [pid 5183] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5274 attached [pid 5183] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5177] exit_group(0 [pid 5174] exit_group(0 [pid 5181] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 5274 [pid 5183] <... openat resumed>) = 3 [pid 5177] <... exit_group resumed>) = ? [pid 5174] <... exit_group resumed>) = ? [pid 5181] <... openat resumed>) = 5 [pid 5177] +++ exited with 0 +++ [pid 5183] chdir("./bus" [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} --- [pid 5183] <... chdir resumed>) = 0 [pid 5183] ioctl(4, LOOP_CLR_FD [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5183] <... ioctl resumed>) = 0 [pid 5183] close(4 [pid 5274] set_robust_list(0x555556d0c660, 24 [pid 5183] <... close resumed>) = 0 [pid 5174] +++ exited with 0 +++ [pid 5066] <... restart_syscall resumed>) = 0 [pid 5274] <... set_robust_list resumed>) = 0 [pid 5183] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5181] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=32 /* 0.32 s */} --- [pid 5274] chdir("./2" [pid 5181] <... write resumed>) = 65191 [pid 5274] <... chdir resumed>) = 0 [pid 5183] <... open resumed>) = 4 [pid 5181] ftruncate(5, 43006 [pid 5274] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5183] pwrite64(4, "2", 1, 55022 [pid 5274] <... prctl resumed>) = 0 [pid 5067] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5274] setpgid(0, 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5274] <... setpgid resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... openat resumed>) = 3 [pid 5274] <... openat resumed>) = 3 [pid 5067] newfstatat(3, "", [pid 5066] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5274] write(3, "1000", 4 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5274] <... write resumed>) = 4 [pid 5067] getdents64(3, [pid 5274] close(3 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5274] <... close resumed>) = 0 [pid 5067] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5274] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5066] <... openat resumed>) = 3 [pid 5274] memfd_create("syzkaller", 0 [pid 5066] newfstatat(3, "", [pid 5274] <... memfd_create resumed>) = 3 [pid 5181] <... ftruncate resumed>) = 0 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5181] exit_group(0 [pid 5274] <... mmap resumed>) = 0x7f716ab16000 [pid 5066] getdents64(3, [pid 5181] <... exit_group resumed>) = ? [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5181] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} --- [pid 5068] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5183] <... pwrite64 resumed>) = 1 [pid 5183] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5183] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5183] ftruncate(5, 43006) = 0 [pid 5183] exit_group(0) = ? [pid 5183] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=27 /* 0.27 s */} --- [pid 5069] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5184] <... mount resumed>) = 0 [pid 5184] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5184] chdir("./bus") = 0 [pid 5184] ioctl(4, LOOP_CLR_FD) = 0 [pid 5184] close(4) = 0 [pid 5184] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5184] pwrite64(4, "2", 1, 55022 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5184] <... pwrite64 resumed>) = 1 [pid 5067] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5184] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", [pid 5184] <... openat resumed>) = 5 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5184] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5067] close(4 [pid 5184] <... write resumed>) = 65191 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./1/bus") = 0 [pid 5067] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5184] ftruncate(5, 43006 [pid 5067] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./1/binderfs") = 0 [pid 5067] getdents64(3, [pid 5066] <... umount2 resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5184] <... ftruncate resumed>) = 0 [pid 5067] close(3) = 0 [pid 5184] exit_group(0 [pid 5067] rmdir("./1" [pid 5066] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5184] <... exit_group resumed>) = ? [pid 5067] <... rmdir resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5184] +++ exited with 0 +++ [pid 5067] mkdir("./2", 0777 [pid 5066] newfstatat(AT_FDCWD, "./1/bus", [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=21 /* 0.21 s */} --- [pid 5067] <... mkdir resumed>) = 0 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 3 [pid 5066] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 4 [pid 5070] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5281 attached [pid 5070] newfstatat(3, "", [pid 5281] set_robust_list(0x555556d0c660, 24 [pid 5274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 5281 [pid 5281] <... set_robust_list resumed>) = 0 [pid 5070] getdents64(3, [pid 5066] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5281] chdir("./2" [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] getdents64(4, [pid 5281] <... chdir resumed>) = 0 [pid 5070] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./1/bus") = 0 [pid 5066] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./1/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3 [pid 5281] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./1") = 0 [pid 5066] mkdir("./2", 0777) = 0 [pid 5281] <... prctl resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] <... umount2 resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5281] setpgid(0, 0) = 0 [pid 5069] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5281] <... openat resumed>) = 3 [pid 5069] newfstatat(AT_FDCWD, "./1/bus", [pid 5068] <... umount2 resumed>) = 0 [pid 5066] close(3 [pid 5281] write(3, "1000", 4) = 4 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... close resumed>) = 0 [pid 5281] close(3 [pid 5069] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5281] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./1/bus", [pid 5281] symlink("/dev/binderfs", "./binderfs" [pid 5069] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5281] <... symlink resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5282 attached [pid 5069] newfstatat(4, "", [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5282 [pid 5282] set_robust_list(0x555556d0c660, 24 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5282] <... set_robust_list resumed>) = 0 [pid 5281] memfd_create("syzkaller", 0 [pid 5069] getdents64(4, [pid 5068] <... openat resumed>) = 4 [pid 5282] chdir("./2" [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] newfstatat(4, "", [pid 5282] <... chdir resumed>) = 0 [pid 5281] <... memfd_create resumed>) = 3 [pid 5069] getdents64(4, [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5282] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] getdents64(4, [pid 5282] <... prctl resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5282] setpgid(0, 0 [pid 5281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] getdents64(4, [pid 5282] <... setpgid resumed>) = 0 [pid 5281] <... mmap resumed>) = 0x7f716ab16000 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] close(4 [pid 5282] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5282] write(3, "1000", 4 [pid 5068] rmdir("./1/bus") = 0 [pid 5068] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5282] <... write resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5282] close(3 [pid 5068] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5282] <... close resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5282] symlink("/dev/binderfs", "./binderfs" [pid 5068] unlink("./1/binderfs" [pid 5282] <... symlink resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5282] memfd_create("syzkaller", 0 [pid 5069] close(4 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5282] <... memfd_create resumed>) = 3 [pid 5068] rmdir("./1" [pid 5282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5282] <... mmap resumed>) = 0x7f716ab16000 [pid 5068] mkdir("./2", 0777 [pid 5069] <... close resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5069] rmdir("./1/bus" [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] <... rmdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 5283 ./strace-static-x86_64: Process 5283 attached [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5283] set_robust_list(0x555556d0c660, 24 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./1/binderfs") = 0 [pid 5069] getdents64(3, [pid 5283] <... set_robust_list resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5283] chdir("./2" [pid 5069] close(3 [pid 5283] <... chdir resumed>) = 0 [pid 5283] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... close resumed>) = 0 [pid 5283] <... prctl resumed>) = 0 [pid 5283] setpgid(0, 0) = 0 [pid 5283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5283] write(3, "1000", 4) = 4 [pid 5283] close(3) = 0 [pid 5283] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] rmdir("./1" [pid 5283] memfd_create("syzkaller", 0) = 3 [pid 5069] <... rmdir resumed>) = 0 [pid 5283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5069] mkdir("./2", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5285 ./strace-static-x86_64: Process 5285 attached [pid 5285] set_robust_list(0x555556d0c660, 24) = 0 [pid 5285] chdir("./2") = 0 [pid 5285] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5285] setpgid(0, 0) = 0 [pid 5285] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5285] write(3, "1000", 4) = 4 [pid 5285] close(3) = 0 [pid 5285] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5285] memfd_create("syzkaller", 0) = 3 [pid 5285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5283] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5274] <... write resumed>) = 16777216 [pid 5274] munmap(0x7f716ab16000, 138412032) = 0 [pid 5274] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5285] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5274] <... openat resumed>) = 4 [ 73.531721][ T5274] loop0: detected capacity change from 0 to 32768 [pid 5274] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5274] close(3) = 0 [pid 5274] mkdir("./bus", 0777) = 0 [ 73.597386][ T5274] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5274) [pid 5274] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./1/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./1/bus" [pid 5282] <... write resumed>) = 16777216 [pid 5281] <... write resumed>) = 16777216 [pid 5070] <... rmdir resumed>) = 0 [pid 5070] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5282] munmap(0x7f716ab16000, 138412032 [pid 5070] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5282] <... munmap resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./1/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./1") = 0 [pid 5070] mkdir("./2", 0777) = 0 [pid 5281] munmap(0x7f716ab16000, 138412032) = 0 [pid 5283] <... write resumed>) = 16777216 [pid 5282] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5281] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5282] <... openat resumed>) = 4 [pid 5070] <... openat resumed>) = 3 [pid 5282] ioctl(4, LOOP_SET_FD, 3 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5282] <... ioctl resumed>) = 0 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5281] <... openat resumed>) = 4 [pid 5070] close(3 [pid 5283] munmap(0x7f716ab16000, 138412032 [pid 5281] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... close resumed>) = 0 [pid 5281] <... ioctl resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5285] <... write resumed>) = 16777216 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5299 ./strace-static-x86_64: Process 5299 attached [pid 5285] munmap(0x7f716ab16000, 138412032 [pid 5283] <... munmap resumed>) = 0 [pid 5299] set_robust_list(0x555556d0c660, 24) = 0 [pid 5299] chdir("./2") = 0 [pid 5299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5299] setpgid(0, 0) = 0 [pid 5299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5299] write(3, "1000", 4 [pid 5283] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5299] <... write resumed>) = 4 [pid 5283] <... openat resumed>) = 4 [ 73.850819][ T5282] loop1: detected capacity change from 0 to 32768 [ 73.874069][ T5281] loop2: detected capacity change from 0 to 32768 [pid 5282] close(3 [pid 5299] close(3 [pid 5285] <... munmap resumed>) = 0 [pid 5299] <... close resumed>) = 0 [pid 5299] symlink("/dev/binderfs", "./binderfs" [pid 5283] ioctl(4, LOOP_SET_FD, 3 [pid 5281] close(3 [pid 5299] <... symlink resumed>) = 0 [pid 5285] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5281] <... close resumed>) = 0 [pid 5299] memfd_create("syzkaller", 0 [pid 5281] mkdir("./bus", 0777 [pid 5299] <... memfd_create resumed>) = 3 [pid 5281] <... mkdir resumed>) = 0 [pid 5299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5282] <... close resumed>) = 0 [pid 5282] mkdir("./bus", 0777 [pid 5281] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5282] <... mkdir resumed>) = 0 [pid 5282] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5285] <... openat resumed>) = 4 [pid 5283] <... ioctl resumed>) = 0 [pid 5285] ioctl(4, LOOP_SET_FD, 3 [pid 5283] close(3) = 0 [pid 5274] <... mount resumed>) = 0 [pid 5274] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5283] mkdir("./bus", 0777 [pid 5274] <... openat resumed>) = 3 [pid 5283] <... mkdir resumed>) = 0 [pid 5274] chdir("./bus" [pid 5283] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5274] <... chdir resumed>) = 0 [pid 5274] ioctl(4, LOOP_CLR_FD) = 0 [pid 5274] close(4) = 0 [ 73.932117][ T5283] loop3: detected capacity change from 0 to 32768 [ 73.964534][ T5281] BTRFS: device /dev/loop2 using temp-fsid a55b34ac-9bf2-49ab-9e29-a70c806c4ea0 [ 73.975540][ T5285] loop4: detected capacity change from 0 to 32768 [pid 5274] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5274] pwrite64(4, "2", 1, 55022 [pid 5285] <... ioctl resumed>) = 0 [pid 5285] close(3) = 0 [pid 5274] <... pwrite64 resumed>) = 1 [pid 5274] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5274] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5285] mkdir("./bus", 0777) = 0 [pid 5274] <... write resumed>) = 65191 [pid 5274] ftruncate(5, 43006 [pid 5285] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5274] <... ftruncate resumed>) = 0 [ 74.024250][ T5281] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5281) [pid 5274] exit_group(0) = ? [pid 5274] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5274, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} --- [pid 5065] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", [pid 5299] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 74.111775][ T5282] BTRFS: device /dev/loop1 using temp-fsid 960143a9-3e5e-4a24-9673-f26404b1e380 [ 74.135859][ T5282] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5282) [ 74.226370][ T5283] BTRFS: device /dev/loop3 using temp-fsid 0278e436-7ab8-4808-b357-c8dbbcf55c8c [ 74.258523][ T5283] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5283) [ 74.260881][ T5282] _btrfs_printk: 63 callbacks suppressed [ 74.260892][ T5282] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 74.304512][ T5285] BTRFS: device /dev/loop4 using temp-fsid e6cdf846-fdab-469e-821c-14346d9ea01f [ 74.314626][ T5283] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 74.323477][ T5283] BTRFS info (device loop3): enabling auto defrag [ 74.335123][ T5282] BTRFS info (device loop1): enabling auto defrag [ 74.342208][ T5285] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5285) [ 74.356764][ T5283] BTRFS info (device loop3): enabling disk space caching [ 74.364687][ T5282] BTRFS info (device loop1): enabling disk space caching [ 74.378256][ T5283] BTRFS info (device loop3): max_inline at 0 [ 74.387015][ T5282] BTRFS info (device loop1): max_inline at 0 [ 74.393579][ T5283] BTRFS info (device loop3): force clearing of disk cache [ 74.403149][ T5282] BTRFS info (device loop1): force clearing of disk cache [ 74.410406][ T5282] BTRFS info (device loop1): turning on sync discard [ 74.419067][ T5283] BTRFS info (device loop3): turning on sync discard [ 74.428504][ T5282] BTRFS info (device loop1): disk space caching is enabled [ 74.435902][ T5285] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 74.444836][ T5283] BTRFS info (device loop3): disk space caching is enabled [pid 5065] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5065] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [ 74.470919][ T5285] BTRFS info (device loop4): enabling auto defrag [ 74.480480][ T5281] BTRFS info (device loop2): enabling ssd optimizations [pid 5065] close(4) = 0 [pid 5065] rmdir("./2/bus") = 0 [pid 5065] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./2/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./2") = 0 [pid 5065] mkdir("./3", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5341 attached , child_tidptr=0x555556d0c650) = 5341 [ 74.514532][ T5285] BTRFS info (device loop4): enabling disk space caching [ 74.550781][ T5281] BTRFS info (device loop2): rebuilding free space tree [pid 5341] set_robust_list(0x555556d0c660, 24) = 0 [pid 5341] chdir("./3") = 0 [pid 5341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5341] setpgid(0, 0) = 0 [pid 5341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 74.579528][ T5285] BTRFS info (device loop4): max_inline at 0 [ 74.607805][ T5283] BTRFS info (device loop3): enabling ssd optimizations [pid 5341] write(3, "1000", 4) = 4 [pid 5341] close(3 [pid 5299] <... write resumed>) = 16777216 [pid 5341] <... close resumed>) = 0 [pid 5341] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5341] memfd_create("syzkaller", 0) = 3 [pid 5341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 74.633475][ T5285] BTRFS info (device loop4): force clearing of disk cache [pid 5299] munmap(0x7f716ab16000, 138412032) = 0 [ 74.679493][ T5281] BTRFS info (device loop2): disabling free space tree [ 74.700666][ T5283] BTRFS info (device loop3): rebuilding free space tree [ 74.720639][ T5285] BTRFS info (device loop4): turning on sync discard [pid 5299] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 74.727376][ T5285] BTRFS info (device loop4): disk space caching is enabled [ 74.739051][ T5281] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 74.762134][ T5282] BTRFS info (device loop1): enabling ssd optimizations [ 74.773770][ T5299] loop5: detected capacity change from 0 to 32768 [pid 5299] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5299] close(3) = 0 [pid 5341] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5299] mkdir("./bus", 0777) = 0 [ 74.803805][ T5282] BTRFS info (device loop1): rebuilding free space tree [ 74.821625][ T5281] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 74.855342][ T5283] BTRFS info (device loop3): disabling free space tree [ 74.871381][ T5299] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5299) [ 74.889238][ T5282] BTRFS info (device loop1): disabling free space tree [ 74.900642][ T5283] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 74.910314][ T5283] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5299] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5281] <... mount resumed>) = 0 [pid 5281] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5281] chdir("./bus") = 0 [pid 5281] ioctl(4, LOOP_CLR_FD) = 0 [pid 5281] close(4) = 0 [pid 5281] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5281] pwrite64(4, "2", 1, 55022) = 1 [pid 5281] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5281] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 74.968002][ T5282] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5281] ftruncate(5, 43006) = 0 [pid 5281] exit_group(0) = ? [pid 5281] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5281, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=24 /* 0.24 s */} --- [pid 5067] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 75.011535][ T5299] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 75.020024][ T5299] BTRFS info (device loop5): enabling auto defrag [ 75.041994][ T5282] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5067] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5341] <... write resumed>) = 16777216 [pid 5283] <... mount resumed>) = 0 [pid 5283] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5283] chdir("./bus") = 0 [pid 5283] ioctl(4, LOOP_CLR_FD) = 0 [pid 5283] close(4) = 0 [pid 5283] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5283] pwrite64(4, "2", 1, 55022 [ 75.084045][ T5285] BTRFS info (device loop4): enabling ssd optimizations [ 75.110969][ T5299] BTRFS info (device loop5): enabling disk space caching [ 75.118088][ T5299] BTRFS info (device loop5): max_inline at 0 [pid 5341] munmap(0x7f716ab16000, 138412032) = 0 [pid 5283] <... pwrite64 resumed>) = 1 [pid 5283] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5283] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5283] ftruncate(5, 43006 [pid 5341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 75.146839][ T5285] BTRFS info (device loop4): rebuilding free space tree [ 75.183404][ T5341] loop0: detected capacity change from 0 to 32768 [pid 5341] ioctl(4, LOOP_SET_FD, 3 [pid 5282] <... mount resumed>) = 0 [pid 5283] <... ftruncate resumed>) = 0 [pid 5282] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5282] chdir("./bus") = 0 [pid 5282] ioctl(4, LOOP_CLR_FD) = 0 [pid 5282] close(4) = 0 [pid 5282] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5283] exit_group(0) = ? [pid 5283] +++ exited with 0 +++ [pid 5282] pwrite64(4, "2", 1, 55022 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5283, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=40 /* 0.40 s */} --- [pid 5341] <... ioctl resumed>) = 0 [pid 5341] close(3) = 0 [pid 5341] mkdir("./bus", 0777) = 0 [pid 5341] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5068] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5282] <... pwrite64 resumed>) = 1 [pid 5068] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5282] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5282] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 75.200657][ T5299] BTRFS info (device loop5): force clearing of disk cache [ 75.212431][ T5341] BTRFS: device /dev/loop0 using temp-fsid f082b423-7720-4b76-acdb-ea5f253d6941 [ 75.238500][ T5299] BTRFS info (device loop5): turning on sync discard [pid 5282] ftruncate(5, 43006) = 0 [pid 5282] exit_group(0) = ? [pid 5282] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5282, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=38 /* 0.38 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 75.239400][ T5341] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5341) [ 75.258323][ T5285] BTRFS info (device loop4): disabling free space tree [ 75.304220][ T5299] BTRFS info (device loop5): disk space caching is enabled [ 75.320626][ T5285] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 75.330280][ T5285] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5066] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [ 75.367287][ T5341] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [pid 5067] rmdir("./2/bus") = 0 [pid 5067] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./2/binderfs" [pid 5285] <... mount resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5285] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5067] getdents64(3, [pid 5285] <... openat resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5285] chdir("./bus") = 0 [pid 5067] rmdir("./2" [pid 5285] ioctl(4, LOOP_CLR_FD) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5285] close(4) = 0 [pid 5285] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5067] mkdir("./3", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3 [pid 5285] pwrite64(4, "2", 1, 55022 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5378 ./strace-static-x86_64: Process 5378 attached [pid 5378] set_robust_list(0x555556d0c660, 24) = 0 [pid 5378] chdir("./3") = 0 [ 75.445810][ T5341] BTRFS info (device loop0): enabling auto defrag [pid 5378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5378] setpgid(0, 0) = 0 [pid 5378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5378] write(3, "1000", 4) = 4 [pid 5378] close(3) = 0 [pid 5378] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5378] memfd_create("syzkaller", 0) = 3 [pid 5378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5285] <... pwrite64 resumed>) = 1 [pid 5285] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5285] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5285] ftruncate(5, 43006) = 0 [pid 5285] exit_group(0) = ? [pid 5285] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5285, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=35 /* 0.35 s */} --- [pid 5069] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 75.511161][ T5341] BTRFS info (device loop0): enabling disk space caching [ 75.524019][ T5341] BTRFS info (device loop0): max_inline at 0 [ 75.540961][ T5341] BTRFS info (device loop0): force clearing of disk cache [ 75.548434][ T5341] BTRFS info (device loop0): turning on sync discard [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 75.594138][ T5341] BTRFS info (device loop0): disk space caching is enabled [ 75.614879][ T5299] BTRFS info (device loop5): enabling ssd optimizations [pid 5069] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 75.713010][ T5299] BTRFS info (device loop5): rebuilding free space tree [ 75.795640][ T5299] BTRFS info (device loop5): disabling free space tree [ 75.836922][ T5299] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 75.841012][ T5341] BTRFS info (device loop0): enabling ssd optimizations [pid 5378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./2/bus") = 0 [pid 5068] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 75.880756][ T5299] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 75.906460][ T5341] BTRFS info (device loop0): rebuilding free space tree [pid 5068] unlink("./2/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./2") = 0 [ 75.975734][ T5341] BTRFS info (device loop0): disabling free space tree [pid 5068] mkdir("./3", 0777 [pid 5299] <... mount resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5299] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5299] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5299] chdir("./bus" [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5299] <... chdir resumed>) = 0 [pid 5068] close(3) = 0 [ 76.021194][ T5341] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5299] ioctl(4, LOOP_CLR_FD [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5299] <... ioctl resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 5403 ./strace-static-x86_64: Process 5403 attached [pid 5299] close(4 [pid 5403] set_robust_list(0x555556d0c660, 24 [pid 5299] <... close resumed>) = 0 [pid 5403] <... set_robust_list resumed>) = 0 [pid 5299] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5403] chdir("./3") = 0 [pid 5299] <... open resumed>) = 4 [pid 5403] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 76.077218][ T9] cfg80211: failed to load regulatory.db [ 76.080923][ T5341] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5403] setpgid(0, 0 [pid 5299] pwrite64(4, "2", 1, 55022 [pid 5403] <... setpgid resumed>) = 0 [pid 5299] <... pwrite64 resumed>) = 1 [pid 5299] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5299] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5299] ftruncate(5, 43006) = 0 [pid 5403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5378] <... write resumed>) = 16777216 [pid 5299] exit_group(0 [pid 5403] <... openat resumed>) = 3 [pid 5299] <... exit_group resumed>) = ? [pid 5299] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5299, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=31 /* 0.31 s */} --- [pid 5403] write(3, "1000", 4) = 4 [pid 5403] close(3 [pid 5341] <... mount resumed>) = 0 [pid 5341] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5403] <... close resumed>) = 0 [pid 5341] <... openat resumed>) = 3 [pid 5070] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5403] symlink("/dev/binderfs", "./binderfs" [pid 5341] chdir("./bus" [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5403] <... symlink resumed>) = 0 [pid 5378] munmap(0x7f716ab16000, 138412032 [pid 5341] <... chdir resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5341] ioctl(4, LOOP_CLR_FD) = 0 [pid 5341] close(4 [pid 5403] memfd_create("syzkaller", 0 [pid 5341] <... close resumed>) = 0 [pid 5070] newfstatat(3, "", [pid 5341] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5341] <... open resumed>) = 4 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5341] pwrite64(4, "2", 1, 55022 [pid 5378] <... munmap resumed>) = 0 [pid 5341] <... pwrite64 resumed>) = 1 [pid 5341] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5341] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5403] <... memfd_create resumed>) = 3 [pid 5378] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5341] <... write resumed>) = 65191 [pid 5341] ftruncate(5, 43006 [pid 5378] <... openat resumed>) = 4 [pid 5341] <... ftruncate resumed>) = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5341] exit_group(0) = ? [pid 5403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5378] ioctl(4, LOOP_SET_FD, 3 [pid 5341] +++ exited with 0 +++ [pid 5403] <... mmap resumed>) = 0x7f716ab16000 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5341, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5065] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5378] <... ioctl resumed>) = 0 [pid 5066] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5378] close(3 [pid 5065] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./2/bus", [pid 5065] <... openat resumed>) = 3 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 76.254637][ T5378] loop2: detected capacity change from 0 to 32768 [pid 5065] newfstatat(3, "", [pid 5378] <... close resumed>) = 0 [pid 5066] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5378] mkdir("./bus", 0777 [pid 5069] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, [pid 5066] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] <... openat resumed>) = 4 [pid 5065] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5378] <... mkdir resumed>) = 0 [pid 5378] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] newfstatat(4, "", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] getdents64(4, [pid 5069] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] close(4) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5066] rmdir("./2/bus") = 0 [pid 5066] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./2/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./2") = 0 [pid 5066] mkdir("./3", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5406 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 76.335465][ T5378] BTRFS: device /dev/loop2 using temp-fsid 55f8a1e1-0c7c-4777-b3c0-b6df7d21fd06 ./strace-static-x86_64: Process 5406 attached [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5406] set_robust_list(0x555556d0c660, 24) = 0 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./2/bus") = 0 [pid 5406] chdir("./3") = 0 [pid 5069] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5406] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./2/binderfs") = 0 [pid 5069] getdents64(3, [pid 5406] <... prctl resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5406] setpgid(0, 0 [pid 5069] close(3) = 0 [pid 5406] <... setpgid resumed>) = 0 [pid 5069] rmdir("./2" [pid 5406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... rmdir resumed>) = 0 [pid 5069] mkdir("./3", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5407 attached [pid 5406] <... openat resumed>) = 3 [pid 5407] set_robust_list(0x555556d0c660, 24 [pid 5406] write(3, "1000", 4) = 4 [ 76.411199][ T5378] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5378) [pid 5407] <... set_robust_list resumed>) = 0 [pid 5406] close(3 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 5407 [pid 5406] <... close resumed>) = 0 [pid 5407] chdir("./3" [pid 5406] symlink("/dev/binderfs", "./binderfs" [pid 5407] <... chdir resumed>) = 0 [pid 5406] <... symlink resumed>) = 0 [pid 5407] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5406] memfd_create("syzkaller", 0 [pid 5407] <... prctl resumed>) = 0 [pid 5406] <... memfd_create resumed>) = 3 [pid 5407] setpgid(0, 0 [pid 5406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5407] <... setpgid resumed>) = 0 [pid 5406] <... mmap resumed>) = 0x7f716ab16000 [pid 5407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5407] write(3, "1000", 4) = 4 [pid 5407] close(3) = 0 [pid 5407] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5407] memfd_create("syzkaller", 0) = 3 [pid 5407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] <... umount2 resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5070] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 76.522205][ T5378] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 76.552382][ T5378] BTRFS info (device loop2): enabling auto defrag [ 76.558830][ T5378] BTRFS info (device loop2): enabling disk space caching [pid 5070] umount2("./2/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... openat resumed>) = 4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(4, "", [pid 5065] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, [ 76.611353][ T5378] BTRFS info (device loop2): max_inline at 0 [ 76.617381][ T5378] BTRFS info (device loop2): force clearing of disk cache [pid 5065] getdents64(4, [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5403] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] getdents64(4, [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] rmdir("./3/bus" [pid 5070] close(4) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5070] rmdir("./2/bus" [ 76.654448][ T5378] BTRFS info (device loop2): turning on sync discard [ 76.682973][ T5378] BTRFS info (device loop2): disk space caching is enabled [pid 5065] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... rmdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./3/binderfs" [pid 5070] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... unlink resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 5070] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./3" [pid 5070] unlink("./2/binderfs") = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./4", 0777 [pid 5070] getdents64(3, [pid 5065] <... mkdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5070] close(3 [pid 5065] <... openat resumed>) = 3 [pid 5070] <... close resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5070] rmdir("./2" [pid 5065] <... ioctl resumed>) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5414 attached [pid 5070] <... rmdir resumed>) = 0 [pid 5070] mkdir("./3", 0777 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 5414 [pid 5070] <... mkdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5414] set_robust_list(0x555556d0c660, 24 [pid 5070] close(3 [pid 5414] <... set_robust_list resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5414] chdir("./4" [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5414] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5416 attached [pid 5414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5414] setpgid(0, 0) = 0 [pid 5414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5414] write(3, "1000", 4) = 4 [pid 5414] close(3) = 0 [pid 5414] symlink("/dev/binderfs", "./binderfs" [pid 5416] set_robust_list(0x555556d0c660, 24 [pid 5414] <... symlink resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5416 [pid 5416] <... set_robust_list resumed>) = 0 [pid 5414] memfd_create("syzkaller", 0 [pid 5416] chdir("./3") = 0 [pid 5416] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5414] <... memfd_create resumed>) = 3 [pid 5416] setpgid(0, 0 [pid 5414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5416] <... setpgid resumed>) = 0 [pid 5416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5414] <... mmap resumed>) = 0x7f716ab16000 [pid 5416] <... openat resumed>) = 3 [pid 5416] write(3, "1000", 4) = 4 [pid 5416] close(3) = 0 [pid 5416] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5416] memfd_create("syzkaller", 0) = 3 [pid 5416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 77.000706][ T5378] BTRFS info (device loop2): enabling ssd optimizations [ 77.041441][ T5378] BTRFS info (device loop2): rebuilding free space tree [pid 5407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 77.121911][ T5378] BTRFS info (device loop2): disabling free space tree [ 77.128878][ T5378] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 77.212509][ T5378] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5416] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5378] <... mount resumed>) = 0 [pid 5378] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5378] chdir("./bus") = 0 [pid 5378] ioctl(4, LOOP_CLR_FD) = 0 [pid 5378] close(4) = 0 [pid 5378] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5378] pwrite64(4, "2", 1, 55022 [pid 5403] <... write resumed>) = 16777216 [pid 5378] <... pwrite64 resumed>) = 1 [pid 5378] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5378] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5378] ftruncate(5, 43006) = 0 [pid 5378] exit_group(0) = ? [pid 5378] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5378, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=29 /* 0.29 s */} --- [pid 5403] munmap(0x7f716ab16000, 138412032) = 0 [pid 5067] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5403] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5403] <... openat resumed>) = 4 [pid 5067] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", [pid 5403] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5403] <... ioctl resumed>) = 0 [pid 5403] close(3) = 0 [pid 5403] mkdir("./bus", 0777) = 0 [ 77.433272][ T5403] loop3: detected capacity change from 0 to 32768 [ 77.477454][ T5403] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5403) [ 77.570973][ T5403] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 77.579454][ T5403] BTRFS info (device loop3): enabling auto defrag [ 77.606818][ T5403] BTRFS info (device loop3): enabling disk space caching [pid 5403] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5406] <... write resumed>) = 16777216 [pid 5406] munmap(0x7f716ab16000, 138412032 [pid 5407] <... write resumed>) = 16777216 [pid 5407] munmap(0x7f716ab16000, 138412032) = 0 [ 77.661118][ T5403] BTRFS info (device loop3): max_inline at 0 [ 77.688243][ T5403] BTRFS info (device loop3): force clearing of disk cache [pid 5416] <... write resumed>) = 16777216 [pid 5407] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5406] <... munmap resumed>) = 0 [pid 5407] <... openat resumed>) = 4 [pid 5406] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5416] munmap(0x7f716ab16000, 138412032 [pid 5407] ioctl(4, LOOP_SET_FD, 3 [pid 5406] <... openat resumed>) = 4 [pid 5406] ioctl(4, LOOP_SET_FD, 3 [pid 5416] <... munmap resumed>) = 0 [pid 5416] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5407] <... ioctl resumed>) = 0 [pid 5416] <... openat resumed>) = 4 [ 77.722962][ T5403] BTRFS info (device loop3): turning on sync discard [ 77.736082][ T5407] loop4: detected capacity change from 0 to 32768 [ 77.736275][ T5406] loop1: detected capacity change from 0 to 32768 [ 77.750626][ T5403] BTRFS info (device loop3): disk space caching is enabled [pid 5407] close(3 [pid 5416] ioctl(4, LOOP_SET_FD, 3 [pid 5407] <... close resumed>) = 0 [pid 5407] mkdir("./bus", 0777 [pid 5406] <... ioctl resumed>) = 0 [pid 5407] <... mkdir resumed>) = 0 [pid 5406] close(3 [pid 5407] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5406] <... close resumed>) = 0 [pid 5406] mkdir("./bus", 0777) = 0 [pid 5406] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5416] <... ioctl resumed>) = 0 [pid 5416] close(3) = 0 [pid 5416] mkdir("./bus", 0777) = 0 [ 77.767818][ T5416] loop5: detected capacity change from 0 to 32768 [ 77.777102][ T5407] BTRFS: device /dev/loop4 using temp-fsid f37d0c56-5a59-43e2-a36c-dde3d2de4316 [ 77.808378][ T5407] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5407) [pid 5416] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5414] <... write resumed>) = 16777216 [pid 5414] munmap(0x7f716ab16000, 138412032) = 0 [ 77.845448][ T5416] BTRFS: device /dev/loop5 using temp-fsid a8f6dd2c-b7ff-481c-b4f3-823eea00bf29 [ 77.860935][ T5416] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5416) [ 77.862097][ T5407] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 77.884173][ T5407] BTRFS info (device loop4): enabling auto defrag [pid 5414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5414] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... umount2 resumed>) = 0 [pid 5414] <... ioctl resumed>) = 0 [pid 5067] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5414] close(3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5414] <... close resumed>) = 0 [pid 5067] newfstatat(AT_FDCWD, "./3/bus", [pid 5414] mkdir("./bus", 0777 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5414] <... mkdir resumed>) = 0 [pid 5067] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5414] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./3/bus") = 0 [pid 5067] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 77.890657][ T5407] BTRFS info (device loop4): enabling disk space caching [ 77.892879][ T5414] loop0: detected capacity change from 0 to 32768 [ 77.898596][ T5407] BTRFS info (device loop4): max_inline at 0 [ 77.910282][ T5407] BTRFS info (device loop4): force clearing of disk cache [ 77.917487][ T5407] BTRFS info (device loop4): turning on sync discard [ 77.924285][ T5407] BTRFS info (device loop4): disk space caching is enabled [ 77.929253][ T5416] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [pid 5067] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./3/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./3") = 0 [pid 5067] mkdir("./4", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5444 ./strace-static-x86_64: Process 5444 attached [pid 5444] set_robust_list(0x555556d0c660, 24) = 0 [ 77.942279][ T5406] BTRFS: device /dev/loop1 using temp-fsid 2768079c-d615-433a-b073-072131b3aa00 [ 77.946580][ T5416] BTRFS info (device loop5): enabling auto defrag [ 77.952093][ T5406] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5406) [ 77.967928][ T5416] BTRFS info (device loop5): enabling disk space caching [ 77.979051][ T5416] BTRFS info (device loop5): max_inline at 0 [ 77.986808][ T5416] BTRFS info (device loop5): force clearing of disk cache [pid 5444] chdir("./4") = 0 [pid 5444] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5444] setpgid(0, 0) = 0 [pid 5444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5444] write(3, "1000", 4) = 4 [pid 5444] close(3) = 0 [pid 5444] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5444] memfd_create("syzkaller", 0) = 3 [pid 5444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 77.994115][ T5416] BTRFS info (device loop5): turning on sync discard [ 78.000745][ T5414] BTRFS: device /dev/loop0 using temp-fsid 022838d9-66d6-46e3-8cdb-30a93263d625 [ 78.001720][ T5416] BTRFS info (device loop5): disk space caching is enabled [ 78.022704][ T5414] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5414) [ 78.035931][ T5406] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 78.046254][ T5403] BTRFS info (device loop3): enabling ssd optimizations [pid 5444] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5403] <... mount resumed>) = 0 [pid 5403] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5403] chdir("./bus") = 0 [pid 5403] ioctl(4, LOOP_CLR_FD) = 0 [pid 5403] close(4) = 0 [pid 5403] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5403] pwrite64(4, "2", 1, 55022 [pid 5407] <... mount resumed>) = 0 [pid 5403] <... pwrite64 resumed>) = 1 [pid 5403] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5403] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5403] ftruncate(5, 43006) = 0 [pid 5403] exit_group(0) = ? [pid 5403] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5403, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5407] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5407] <... openat resumed>) = 3 [pid 5407] chdir("./bus") = 0 [pid 5407] ioctl(4, LOOP_CLR_FD [pid 5068] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5407] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5407] close(4 [pid 5068] <... openat resumed>) = 3 [pid 5407] <... close resumed>) = 0 [pid 5068] newfstatat(3, "", [pid 5407] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5407] <... open resumed>) = 4 [pid 5407] pwrite64(4, "2", 1, 55022) = 1 [pid 5407] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5407] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5416] <... mount resumed>) = 0 [pid 5407] <... write resumed>) = 65191 [pid 5407] ftruncate(5, 43006 [pid 5416] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5414] <... mount resumed>) = 0 [pid 5407] <... ftruncate resumed>) = 0 [pid 5414] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5416] <... openat resumed>) = 3 [pid 5414] <... openat resumed>) = 3 [pid 5416] chdir("./bus" [pid 5414] chdir("./bus") = 0 [pid 5414] ioctl(4, LOOP_CLR_FD [pid 5416] <... chdir resumed>) = 0 [pid 5414] <... ioctl resumed>) = 0 [pid 5407] exit_group(0 [pid 5416] ioctl(4, LOOP_CLR_FD [pid 5414] close(4 [pid 5407] <... exit_group resumed>) = ? [pid 5414] <... close resumed>) = 0 [pid 5414] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5416] <... ioctl resumed>) = 0 [pid 5414] <... open resumed>) = 4 [pid 5407] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5407, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=32 /* 0.32 s */} --- [pid 5416] close(4 [pid 5414] pwrite64(4, "2", 1, 55022 [pid 5069] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5416] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5406] <... mount resumed>) = 0 [pid 5406] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5416] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5406] chdir("./bus" [pid 5069] <... openat resumed>) = 3 [pid 5406] <... chdir resumed>) = 0 [pid 5069] newfstatat(3, "", [pid 5406] ioctl(4, LOOP_CLR_FD [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5406] <... ioctl resumed>) = 0 [pid 5406] close(4) = 0 [pid 5406] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5406] pwrite64(4, "2", 1, 55022 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5416] <... open resumed>) = 4 [pid 5414] <... pwrite64 resumed>) = 1 [pid 5416] pwrite64(4, "2", 1, 55022 [pid 5414] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5416] <... pwrite64 resumed>) = 1 [pid 5414] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5416] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5414] <... write resumed>) = 65191 [pid 5444] <... write resumed>) = 16777216 [pid 5416] <... openat resumed>) = 5 [pid 5414] ftruncate(5, 43006 [pid 5406] <... pwrite64 resumed>) = 1 [pid 5068] <... umount2 resumed>) = 0 [pid 5406] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5406] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5406] ftruncate(5, 43006 [pid 5444] munmap(0x7f716ab16000, 138412032 [pid 5416] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5406] <... ftruncate resumed>) = 0 [pid 5068] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5416] <... write resumed>) = 65191 [pid 5414] <... ftruncate resumed>) = 0 [pid 5406] exit_group(0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5406] <... exit_group resumed>) = ? [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5444] <... munmap resumed>) = 0 [pid 5416] ftruncate(5, 43006 [pid 5414] exit_group(0 [pid 5068] getdents64(4, [pid 5414] <... exit_group resumed>) = ? [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5406] +++ exited with 0 +++ [pid 5068] close(4) = 0 [pid 5068] rmdir("./3/bus") = 0 [pid 5068] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5414] +++ exited with 0 +++ [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5414, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5406, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} --- [pid 5068] unlink("./3/binderfs") = 0 [pid 5068] getdents64(3, [pid 5066] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5444] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5444] <... openat resumed>) = 4 [pid 5068] close(3 [pid 5066] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5444] ioctl(4, LOOP_SET_FD, 3 [pid 5068] <... close resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 3 [pid 5416] <... ftruncate resumed>) = 0 [pid 5068] rmdir("./3" [pid 5416] exit_group(0 [pid 5068] <... rmdir resumed>) = 0 [pid 5066] newfstatat(3, "", [pid 5065] newfstatat(3, "", [pid 5068] mkdir("./4", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5416] <... exit_group resumed>) = ? [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... ioctl resumed>) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5507 attached [pid 5416] +++ exited with 0 +++ [pid 5066] getdents64(3, [pid 5065] getdents64(3, [pid 5507] set_robust_list(0x555556d0c660, 24 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5507] <... set_robust_list resumed>) = 0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5416, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} --- [pid 5066] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5507] chdir("./4" [pid 5070] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 5507 [pid 5507] <... chdir resumed>) = 0 [pid 5507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5507] setpgid(0, 0) = 0 [pid 5507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5507] write(3, "1000", 4) = 4 [pid 5507] close(3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5507] <... close resumed>) = 0 [pid 5507] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5507] memfd_create("syzkaller", 0 [pid 5070] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5507] <... memfd_create resumed>) = 3 [pid 5507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] <... openat resumed>) = 3 [pid 5444] <... ioctl resumed>) = 0 [pid 5444] close(3) = 0 [pid 5444] mkdir("./bus", 0777) = 0 [pid 5444] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 78.490773][ T5444] loop2: detected capacity change from 0 to 32768 [ 78.525682][ T5444] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5444) [pid 5070] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./3/bus") = 0 [pid 5069] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./3/binderfs") = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./3") = 0 [pid 5069] mkdir("./4", 0777 [pid 5066] <... umount2 resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5066] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 3 [pid 5066] newfstatat(AT_FDCWD, "./3/bus", [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... ioctl resumed>) = 0 [pid 5066] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... openat resumed>) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./3/bus") = 0 [pid 5066] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./3/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./3") = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 5523 [pid 5066] mkdir("./4", 0777./strace-static-x86_64: Process 5523 attached ) = 0 [pid 5523] set_robust_list(0x555556d0c660, 24) = 0 [pid 5523] chdir("./4") = 0 [pid 5523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5523] setpgid(0, 0) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... umount2 resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5523] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5523] write(3, "1000", 4 [pid 5066] <... ioctl resumed>) = 0 [pid 5065] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5523] <... write resumed>) = 4 [pid 5066] close(3 [pid 5523] close(3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5523] <... close resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5065] newfstatat(AT_FDCWD, "./4/bus", [pid 5523] symlink("/dev/binderfs", "./binderfs" [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5523] <... symlink resumed>) = 0 [pid 5065] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", [pid 5523] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5524 attached [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5524] set_robust_list(0x555556d0c660, 24 [pid 5523] <... memfd_create resumed>) = 3 [pid 5070] <... umount2 resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5524 [pid 5065] getdents64(4, [pid 5523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5524] <... set_robust_list resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5524] chdir("./4" [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(4, [pid 5070] newfstatat(AT_FDCWD, "./3/bus", [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] close(4 [pid 5524] <... chdir resumed>) = 0 [pid 5070] umount2("./3/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./4/bus" [pid 5070] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] <... rmdir resumed>) = 0 [pid 5070] newfstatat(4, "", [pid 5065] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5524] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5524] <... prctl resumed>) = 0 [pid 5065] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5524] setpgid(0, 0) = 0 [pid 5070] getdents64(4, [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] unlink("./4/binderfs" [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] <... unlink resumed>) = 0 [pid 5070] getdents64(4, [pid 5065] getdents64(3, [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(4 [pid 5065] close(3 [pid 5524] <... openat resumed>) = 3 [pid 5065] <... close resumed>) = 0 [pid 5524] write(3, "1000", 4 [pid 5065] rmdir("./4" [pid 5524] <... write resumed>) = 4 [pid 5070] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5524] close(3 [pid 5065] mkdir("./5", 0777 [pid 5524] <... close resumed>) = 0 [pid 5524] symlink("/dev/binderfs", "./binderfs" [pid 5070] rmdir("./3/bus" [pid 5065] <... mkdir resumed>) = 0 [pid 5524] <... symlink resumed>) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5507] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5524] memfd_create("syzkaller", 0 [pid 5070] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5070] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... ioctl resumed>) = 0 [pid 5524] <... memfd_create resumed>) = 3 [pid 5070] unlink("./3/binderfs" [pid 5065] close(3 [pid 5524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] <... unlink resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5524] <... mmap resumed>) = 0x7f716ab16000 [pid 5070] getdents64(3, [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5526 attached [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5526] set_robust_list(0x555556d0c660, 24 [pid 5070] close(3 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 5526 [pid 5526] <... set_robust_list resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5070] rmdir("./3") = 0 [pid 5070] mkdir("./4", 0777 [pid 5526] chdir("./5") = 0 [pid 5526] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... mkdir resumed>) = 0 [pid 5526] <... prctl resumed>) = 0 [pid 5526] setpgid(0, 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5526] <... setpgid resumed>) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5528 ./strace-static-x86_64: Process 5528 attached [pid 5526] <... openat resumed>) = 3 [pid 5528] set_robust_list(0x555556d0c660, 24 [pid 5526] write(3, "1000", 4) = 4 [pid 5526] close(3 [pid 5528] <... set_robust_list resumed>) = 0 [pid 5526] <... close resumed>) = 0 [pid 5526] symlink("/dev/binderfs", "./binderfs" [pid 5528] chdir("./4" [pid 5526] <... symlink resumed>) = 0 [pid 5526] memfd_create("syzkaller", 0 [pid 5528] <... chdir resumed>) = 0 [pid 5528] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5526] <... memfd_create resumed>) = 3 [pid 5528] <... prctl resumed>) = 0 [pid 5526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5528] setpgid(0, 0) = 0 [pid 5528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5444] <... mount resumed>) = 0 [pid 5528] <... openat resumed>) = 3 [pid 5444] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5444] chdir("./bus") = 0 [pid 5444] ioctl(4, LOOP_CLR_FD [pid 5528] write(3, "1000", 4 [pid 5444] <... ioctl resumed>) = 0 [pid 5444] close(4 [pid 5528] <... write resumed>) = 4 [pid 5528] close(3 [pid 5523] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5444] <... close resumed>) = 0 [pid 5528] <... close resumed>) = 0 [pid 5444] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5528] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5444] <... open resumed>) = 4 [pid 5528] memfd_create("syzkaller", 0) = 3 [pid 5444] pwrite64(4, "2", 1, 55022 [pid 5528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5444] <... pwrite64 resumed>) = 1 [pid 5444] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5444] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5444] ftruncate(5, 43006) = 0 [pid 5444] exit_group(0) = ? [pid 5444] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5444, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5067] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5507] <... write resumed>) = 16777216 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./4/bus") = 0 [pid 5067] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./4/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./4") = 0 [pid 5067] mkdir("./5", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5530 attached , child_tidptr=0x555556d0c650) = 5530 [pid 5530] set_robust_list(0x555556d0c660, 24) = 0 [pid 5530] chdir("./5") = 0 [pid 5530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5530] setpgid(0, 0 [pid 5507] munmap(0x7f716ab16000, 138412032 [pid 5530] <... setpgid resumed>) = 0 [pid 5524] <... write resumed>) = 16777216 [pid 5507] <... munmap resumed>) = 0 [pid 5530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5528] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5524] munmap(0x7f716ab16000, 138412032 [pid 5530] write(3, "1000", 4) = 4 [pid 5530] close(3) = 0 [pid 5530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5530] memfd_create("syzkaller", 0) = 3 [pid 5530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5507] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5524] <... munmap resumed>) = 0 [pid 5507] <... openat resumed>) = 4 [pid 5507] ioctl(4, LOOP_SET_FD, 3 [pid 5524] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5524] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5524] close(3 [pid 5507] <... ioctl resumed>) = 0 [pid 5524] <... close resumed>) = 0 [pid 5524] mkdir("./bus", 0777) = 0 [ 79.852602][ T5507] loop3: detected capacity change from 0 to 32768 [ 79.872276][ T5524] loop1: detected capacity change from 0 to 32768 [pid 5524] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5507] close(3) = 0 [pid 5507] mkdir("./bus", 0777) = 0 [ 79.911849][ T5524] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5524) [pid 5507] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5523] <... write resumed>) = 16777216 [pid 5523] munmap(0x7f716ab16000, 138412032) = 0 [pid 5523] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 79.979984][ T5507] BTRFS: device /dev/loop3 using temp-fsid cbc3b877-18b7-4c3f-8b59-345e58ccf215 [ 79.993739][ T5524] _btrfs_printk: 49 callbacks suppressed [ 79.993751][ T5524] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 80.011351][ T5507] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5507) [pid 5523] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5523] close(3) = 0 [ 80.044149][ T5523] loop4: detected capacity change from 0 to 32768 [ 80.062551][ T5524] BTRFS info (device loop1): enabling auto defrag [ 80.069039][ T5524] BTRFS info (device loop1): enabling disk space caching [pid 5523] mkdir("./bus", 0777) = 0 [ 80.086507][ T5507] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 80.107616][ T5523] BTRFS: device /dev/loop4 using temp-fsid bb53eec9-9383-41ee-97ff-7377a48c21d9 [ 80.110836][ T5524] BTRFS info (device loop1): max_inline at 0 [ 80.140679][ T5507] BTRFS info (device loop3): enabling auto defrag [ 80.152417][ T5524] BTRFS info (device loop1): force clearing of disk cache [ 80.159586][ T5524] BTRFS info (device loop1): turning on sync discard [ 80.161379][ T5523] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5523) [ 80.166741][ T5507] BTRFS info (device loop3): enabling disk space caching [pid 5523] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5526] <... write resumed>) = 16777216 [pid 5526] munmap(0x7f716ab16000, 138412032) = 0 [pid 5530] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5526] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 80.210614][ T5524] BTRFS info (device loop1): disk space caching is enabled [ 80.231686][ T5507] BTRFS info (device loop3): max_inline at 0 [ 80.250987][ T5507] BTRFS info (device loop3): force clearing of disk cache [pid 5526] ioctl(4, LOOP_SET_FD, 3) = 0 [ 80.261651][ T5523] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 80.270341][ T5526] loop0: detected capacity change from 0 to 32768 [ 80.277638][ T5523] BTRFS info (device loop4): enabling auto defrag [ 80.301784][ T5507] BTRFS info (device loop3): turning on sync discard [pid 5526] close(3) = 0 [pid 5526] mkdir("./bus", 0777) = 0 [ 80.309177][ T5523] BTRFS info (device loop4): enabling disk space caching [ 80.320181][ T5526] BTRFS: device /dev/loop0 using temp-fsid bc1b9630-279a-4c30-bfdd-146a3d5a4ee5 [ 80.351023][ T5507] BTRFS info (device loop3): disk space caching is enabled [pid 5526] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5528] <... write resumed>) = 16777216 [ 80.360304][ T5523] BTRFS info (device loop4): max_inline at 0 [ 80.367763][ T5526] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5526) [ 80.394361][ T5523] BTRFS info (device loop4): force clearing of disk cache [pid 5528] munmap(0x7f716ab16000, 138412032) = 0 [pid 5530] <... write resumed>) = 16777216 [pid 5528] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5530] munmap(0x7f716ab16000, 138412032 [pid 5528] <... openat resumed>) = 4 [pid 5528] ioctl(4, LOOP_SET_FD, 3 [pid 5530] <... munmap resumed>) = 0 [ 80.414644][ T5523] BTRFS info (device loop4): turning on sync discard [ 80.427821][ T5526] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 80.444076][ T5528] loop5: detected capacity change from 0 to 32768 [ 80.457333][ T5523] BTRFS info (device loop4): disk space caching is enabled [pid 5528] <... ioctl resumed>) = 0 [pid 5528] close(3) = 0 [pid 5528] mkdir("./bus", 0777) = 0 [pid 5528] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5530] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 80.468333][ T5524] BTRFS info (device loop1): enabling ssd optimizations [ 80.475535][ T5526] BTRFS info (device loop0): enabling auto defrag [ 80.489525][ T5528] BTRFS: device /dev/loop5 using temp-fsid d4cdc4bc-d6b7-4b6a-a5c2-e2af11d45cfb [ 80.490835][ T5526] BTRFS info (device loop0): enabling disk space caching [ 80.507654][ T5530] loop2: detected capacity change from 0 to 32768 [pid 5530] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5530] close(3) = 0 [pid 5530] mkdir("./bus", 0777) = 0 [ 80.514732][ T5524] BTRFS info (device loop1): rebuilding free space tree [ 80.524733][ T5528] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5528) [ 80.527394][ T5526] BTRFS info (device loop0): max_inline at 0 [ 80.553762][ T5524] BTRFS info (device loop1): disabling free space tree [ 80.555661][ T5526] BTRFS info (device loop0): force clearing of disk cache [ 80.568017][ T5524] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 80.569421][ T5526] BTRFS info (device loop0): turning on sync discard [ 80.591460][ T5526] BTRFS info (device loop0): disk space caching is enabled [ 80.606189][ T5524] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5530] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5524] <... mount resumed>) = 0 [ 80.619723][ T5530] BTRFS: device /dev/loop2 using temp-fsid 75bc3ee8-0c86-4420-b8f4-a34c90e7720b [ 80.635977][ T5530] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5530) [ 80.652705][ T5507] BTRFS info (device loop3): enabling ssd optimizations [ 80.661134][ T5528] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [pid 5524] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5524] chdir("./bus") = 0 [pid 5524] ioctl(4, LOOP_CLR_FD) = 0 [ 80.669977][ T5530] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 80.678897][ T5507] BTRFS info (device loop3): rebuilding free space tree [ 80.686082][ T5530] BTRFS info (device loop2): enabling auto defrag [ 80.697802][ T5530] BTRFS info (device loop2): enabling disk space caching [ 80.706226][ T5530] BTRFS info (device loop2): max_inline at 0 [ 80.712817][ T5507] BTRFS info (device loop3): disabling free space tree [pid 5524] close(4) = 0 [pid 5524] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 80.712948][ T5530] BTRFS info (device loop2): force clearing of disk cache [ 80.719731][ T5507] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 80.727103][ T5530] BTRFS info (device loop2): turning on sync discard [ 80.743403][ T5530] BTRFS info (device loop2): disk space caching is enabled [ 80.749843][ T5528] BTRFS info (device loop5): enabling auto defrag [ 80.762798][ T5523] BTRFS info (device loop4): enabling ssd optimizations [pid 5524] pwrite64(4, "2", 1, 55022) = 1 [pid 5524] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5524] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 80.780620][ T5528] BTRFS info (device loop5): enabling disk space caching [ 80.787708][ T5528] BTRFS info (device loop5): max_inline at 0 [ 80.810584][ T5523] BTRFS info (device loop4): rebuilding free space tree [pid 5524] ftruncate(5, 43006) = 0 [pid 5524] exit_group(0) = ? [pid 5524] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5524, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=34 /* 0.34 s */} --- [pid 5066] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5507] <... mount resumed>) = 0 [pid 5507] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5507] chdir("./bus") = 0 [pid 5507] ioctl(4, LOOP_CLR_FD) = 0 [ 80.823119][ T5507] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 80.839266][ T5528] BTRFS info (device loop5): force clearing of disk cache [ 80.864087][ T5523] BTRFS info (device loop4): disabling free space tree [pid 5507] close(4) = 0 [pid 5507] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 80.901529][ T5528] BTRFS info (device loop5): turning on sync discard [ 80.909103][ T5526] BTRFS info (device loop0): enabling ssd optimizations [ 80.911767][ T5528] BTRFS info (device loop5): disk space caching is enabled [ 80.920584][ T5523] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 80.934164][ T5530] BTRFS info (device loop2): enabling ssd optimizations [pid 5507] pwrite64(4, "2", 1, 55022) = 1 [pid 5507] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5507] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 80.952328][ T5530] BTRFS info (device loop2): rebuilding free space tree [ 80.982388][ T5530] BTRFS info (device loop2): disabling free space tree [ 80.991716][ T5530] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5507] ftruncate(5, 43006) = 0 [pid 5507] exit_group(0) = ? [pid 5507] +++ exited with 0 +++ [pid 5066] <... umount2 resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5507, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=34 /* 0.34 s */} --- [pid 5068] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 81.002250][ T5526] BTRFS info (device loop0): rebuilding free space tree [ 81.016351][ T5523] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 81.026395][ T5526] BTRFS info (device loop0): disabling free space tree [ 81.026783][ T5530] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5066] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./4/bus") = 0 [pid 5066] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./4/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./4") = 0 [pid 5066] mkdir("./5", 0777 [pid 5530] <... mount resumed>) = 0 [pid 5526] <... mount resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5530] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5526] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5530] <... openat resumed>) = 3 [pid 5526] <... openat resumed>) = 3 [pid 5530] chdir("./bus" [pid 5526] chdir("./bus" [pid 5530] <... chdir resumed>) = 0 [pid 5526] <... chdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5526] ioctl(4, LOOP_CLR_FD [pid 5066] <... openat resumed>) = 3 [pid 5526] <... ioctl resumed>) = 0 [ 81.046845][ T5526] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 81.057015][ T5526] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5526] close(4 [pid 5066] <... ioctl resumed>) = 0 [pid 5526] <... close resumed>) = 0 [pid 5066] close(3 [pid 5526] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5526] pwrite64(4, "2", 1, 55022 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5622 [pid 5530] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 5622 attached [pid 5622] set_robust_list(0x555556d0c660, 24 [pid 5530] <... ioctl resumed>) = 0 [pid 5530] close(4) = 0 [pid 5530] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5622] <... set_robust_list resumed>) = 0 [pid 5622] chdir("./5") = 0 [pid 5622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5526] <... pwrite64 resumed>) = 1 [pid 5622] setpgid(0, 0) = 0 [pid 5622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5622] write(3, "1000", 4) = 4 [pid 5622] close(3) = 0 [pid 5526] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5526] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5622] symlink("/dev/binderfs", "./binderfs" [pid 5526] <... write resumed>) = 65191 [pid 5622] <... symlink resumed>) = 0 [pid 5530] <... open resumed>) = 4 [pid 5622] memfd_create("syzkaller", 0 [pid 5530] pwrite64(4, "2", 1, 55022 [pid 5622] <... memfd_create resumed>) = 3 [pid 5622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5526] ftruncate(5, 43006 [pid 5622] <... mmap resumed>) = 0x7f716ab16000 [pid 5526] <... ftruncate resumed>) = 0 [pid 5526] exit_group(0 [pid 5530] <... pwrite64 resumed>) = 1 [pid 5526] <... exit_group resumed>) = ? [pid 5526] +++ exited with 0 +++ [pid 5530] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5526, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=39 /* 0.39 s */} --- [pid 5530] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5065] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5530] <... write resumed>) = 65191 [pid 5530] ftruncate(5, 43006 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5530] <... ftruncate resumed>) = 0 [pid 5523] <... mount resumed>) = 0 [pid 5065] getdents64(3, [pid 5530] exit_group(0 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5530] <... exit_group resumed>) = ? [pid 5523] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5065] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5530] +++ exited with 0 +++ [pid 5523] <... openat resumed>) = 3 [pid 5523] chdir("./bus") = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5530, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=39 /* 0.39 s */} --- [pid 5523] ioctl(4, LOOP_CLR_FD [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5523] <... ioctl resumed>) = 0 [pid 5067] <... restart_syscall resumed>) = 0 [pid 5523] close(4 [pid 5068] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5523] <... close resumed>) = 0 [ 81.247644][ T5528] BTRFS info (device loop5): enabling ssd optimizations [pid 5523] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5523] <... open resumed>) = 4 [pid 5068] <... openat resumed>) = 4 [pid 5068] newfstatat(4, "", [pid 5067] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5523] pwrite64(4, "2", 1, 55022 [pid 5068] close(4 [pid 5067] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5067] newfstatat(3, "", [pid 5523] <... pwrite64 resumed>) = 1 [pid 5068] rmdir("./4/bus" [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] getdents64(3, [pid 5523] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5068] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./4/binderfs" [pid 5523] <... openat resumed>) = 5 [pid 5523] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] <... unlink resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5622] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5523] <... write resumed>) = 65191 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./4") = 0 [pid 5068] mkdir("./5", 0777) = 0 [pid 5523] ftruncate(5, 43006 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5067] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5523] <... ftruncate resumed>) = 0 ./strace-static-x86_64: Process 5627 attached [pid 5523] exit_group(0 [pid 5627] set_robust_list(0x555556d0c660, 24 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 5627 [pid 5627] <... set_robust_list resumed>) = 0 [pid 5627] chdir("./5") = 0 [pid 5627] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5523] <... exit_group resumed>) = ? [pid 5627] <... prctl resumed>) = 0 [pid 5627] setpgid(0, 0) = 0 [pid 5627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5523] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5523, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=37 /* 0.37 s */} --- [pid 5627] <... openat resumed>) = 3 [pid 5069] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 81.340756][ T5528] BTRFS info (device loop5): rebuilding free space tree [pid 5069] getdents64(3, [pid 5627] write(3, "1000", 4 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] <... umount2 resumed>) = 0 [pid 5627] <... write resumed>) = 4 [pid 5069] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5627] close(3) = 0 [pid 5627] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5627] memfd_create("syzkaller", 0) = 3 [pid 5065] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5627] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./5/bus") = 0 [pid 5065] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./5/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./5") = 0 [pid 5065] mkdir("./6", 0777) = 0 [ 81.458677][ T5528] BTRFS info (device loop5): disabling free space tree [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5630 ./strace-static-x86_64: Process 5630 attached [pid 5630] set_robust_list(0x555556d0c660, 24) = 0 [pid 5630] chdir("./6") = 0 [pid 5630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5630] setpgid(0, 0) = 0 [pid 5630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 81.514705][ T5528] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5630] write(3, "1000", 4) = 4 [pid 5630] close(3) = 0 [pid 5630] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5630] memfd_create("syzkaller", 0) = 3 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5630] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [ 81.590569][ T5528] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5067] rmdir("./5/bus") = 0 [pid 5067] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./5/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./5") = 0 [pid 5067] mkdir("./6", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5631 attached [pid 5631] set_robust_list(0x555556d0c660, 24 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 5631 [pid 5631] <... set_robust_list resumed>) = 0 [pid 5631] chdir("./6") = 0 [pid 5631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5631] setpgid(0, 0) = 0 [pid 5631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5631] write(3, "1000", 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5631] <... write resumed>) = 4 [pid 5069] newfstatat(AT_FDCWD, "./4/bus", [pid 5631] close(3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5631] <... close resumed>) = 0 [pid 5069] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5631] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5631] memfd_create("syzkaller", 0 [pid 5069] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5631] <... memfd_create resumed>) = 3 [pid 5069] <... openat resumed>) = 4 [pid 5631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] newfstatat(4, "", [pid 5631] <... mmap resumed>) = 0x7f716ab16000 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./4/bus") = 0 [pid 5069] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5528] <... mount resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5528] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./4/binderfs" [pid 5528] <... openat resumed>) = 3 [pid 5069] <... unlink resumed>) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./4") = 0 [pid 5069] mkdir("./5", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5528] chdir("./bus" [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5528] <... chdir resumed>) = 0 [pid 5069] close(3) = 0 [pid 5528] ioctl(4, LOOP_CLR_FD [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5632 attached [pid 5528] <... ioctl resumed>) = 0 [pid 5632] set_robust_list(0x555556d0c660, 24 [pid 5528] close(4 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 5632 [pid 5632] <... set_robust_list resumed>) = 0 [pid 5528] <... close resumed>) = 0 [pid 5632] chdir("./5") = 0 [pid 5632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5632] setpgid(0, 0) = 0 [pid 5632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5528] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5528] pwrite64(4, "2", 1, 55022 [pid 5632] write(3, "1000", 4) = 4 [pid 5632] close(3) = 0 [pid 5632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5632] memfd_create("syzkaller", 0) = 3 [pid 5632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5528] <... pwrite64 resumed>) = 1 [pid 5528] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5622] <... write resumed>) = 16777216 [pid 5528] <... openat resumed>) = 5 [pid 5528] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5622] munmap(0x7f716ab16000, 138412032) = 0 [pid 5627] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5528] ftruncate(5, 43006) = 0 [pid 5528] exit_group(0) = ? [pid 5622] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5528] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5528, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=39 /* 0.39 s */} --- [pid 5622] <... openat resumed>) = 4 [pid 5070] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5622] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", [pid 5622] <... ioctl resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5622] close(3) = 0 [pid 5622] mkdir("./bus", 0777) = 0 [ 81.991661][ T5622] loop1: detected capacity change from 0 to 32768 [ 82.051695][ T5622] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5622) [pid 5622] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 82.172386][ T5622] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 5630] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5631] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./4/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 82.250730][ T5622] BTRFS info (device loop1): enabling auto defrag [ 82.257290][ T5622] BTRFS info (device loop1): enabling disk space caching [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 82.303072][ T5622] BTRFS info (device loop1): max_inline at 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./4/bus") = 0 [pid 5070] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./4/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./4") = 0 [pid 5070] mkdir("./5", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [ 82.344535][ T5622] BTRFS info (device loop1): force clearing of disk cache [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5635 ./strace-static-x86_64: Process 5635 attached [pid 5635] set_robust_list(0x555556d0c660, 24) = 0 [pid 5635] chdir("./5" [pid 5632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5635] <... chdir resumed>) = 0 [pid 5635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5635] setpgid(0, 0) = 0 [pid 5635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5635] write(3, "1000", 4) = 4 [pid 5635] close(3) = 0 [pid 5635] symlink("/dev/binderfs", "./binderfs") = 0 [ 82.393754][ T5622] BTRFS info (device loop1): turning on sync discard [ 82.421477][ T5622] BTRFS info (device loop1): disk space caching is enabled [pid 5635] memfd_create("syzkaller", 0) = 3 [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5627] <... write resumed>) = 16777216 [pid 5627] munmap(0x7f716ab16000, 138412032) = 0 [pid 5627] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5627] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5627] close(3) = 0 [pid 5627] mkdir("./bus", 0777) = 0 [ 82.597596][ T5627] loop3: detected capacity change from 0 to 32768 [ 82.621434][ T5627] BTRFS: device /dev/loop3 using temp-fsid 69441d31-43b6-4bbd-9ce7-82ae3dcb7725 [ 82.631085][ T5627] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5627) [ 82.741778][ T5627] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 82.750269][ T5627] BTRFS info (device loop3): enabling auto defrag [ 82.811584][ T5622] BTRFS info (device loop1): enabling ssd optimizations [ 82.849858][ T5622] BTRFS info (device loop1): rebuilding free space tree [ 82.857310][ T5627] BTRFS info (device loop3): enabling disk space caching [pid 5627] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5630] <... write resumed>) = 16777216 [ 82.908048][ T5622] BTRFS info (device loop1): disabling free space tree [ 82.908389][ T5627] BTRFS info (device loop3): max_inline at 0 [pid 5630] munmap(0x7f716ab16000, 138412032) = 0 [pid 5632] <... write resumed>) = 16777216 [pid 5630] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5632] munmap(0x7f716ab16000, 138412032) = 0 [pid 5630] <... openat resumed>) = 4 [pid 5635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5630] ioctl(4, LOOP_SET_FD, 3 [ 82.948382][ T5622] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 82.965021][ T5627] BTRFS info (device loop3): force clearing of disk cache [ 82.981552][ T5622] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5632] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5632] ioctl(4, LOOP_SET_FD, 3 [pid 5630] <... ioctl resumed>) = 0 [pid 5630] close(3) = 0 [pid 5630] mkdir("./bus", 0777 [pid 5632] <... ioctl resumed>) = 0 [pid 5630] <... mkdir resumed>) = 0 [pid 5632] close(3) = 0 [pid 5630] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5632] mkdir("./bus", 0777) = 0 [pid 5622] <... mount resumed>) = 0 [pid 5622] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5632] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5622] <... openat resumed>) = 3 [pid 5622] chdir("./bus") = 0 [pid 5622] ioctl(4, LOOP_CLR_FD) = 0 [pid 5622] close(4) = 0 [ 82.996160][ T5630] loop0: detected capacity change from 0 to 32768 [ 83.001939][ T5632] loop4: detected capacity change from 0 to 32768 [ 83.006580][ T5627] BTRFS info (device loop3): turning on sync discard [ 83.034247][ T5630] BTRFS: device /dev/loop0 using temp-fsid 0532c767-0156-45d4-ab59-a06a2b6a3f24 [pid 5622] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5622] pwrite64(4, "2", 1, 55022 [pid 5631] <... write resumed>) = 16777216 [ 83.060626][ T5627] BTRFS info (device loop3): disk space caching is enabled [ 83.066523][ T5630] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5630) [ 83.098581][ T5630] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [pid 5631] munmap(0x7f716ab16000, 138412032) = 0 [pid 5622] <... pwrite64 resumed>) = 1 [pid 5622] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5622] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5631] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5622] ftruncate(5, 43006 [pid 5631] ioctl(4, LOOP_SET_FD, 3 [pid 5622] <... ftruncate resumed>) = 0 [pid 5622] exit_group(0) = ? [pid 5622] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5622, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=34 /* 0.34 s */} --- [ 83.108533][ T5632] BTRFS: device /dev/loop4 using temp-fsid 9c10b619-413d-4179-a9f5-5b452b0b068a [ 83.131392][ T5630] BTRFS info (device loop0): enabling auto defrag [ 83.138446][ T5630] BTRFS info (device loop0): enabling disk space caching [ 83.144336][ T5631] loop2: detected capacity change from 0 to 32768 [ 83.145961][ T5630] BTRFS info (device loop0): max_inline at 0 [pid 5066] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5631] <... ioctl resumed>) = 0 [pid 5066] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5631] close(3) = 0 [pid 5631] mkdir("./bus", 0777) = 0 [ 83.159009][ T5630] BTRFS info (device loop0): force clearing of disk cache [ 83.166773][ T5630] BTRFS info (device loop0): turning on sync discard [ 83.172001][ T5632] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5632) [ 83.173580][ T5630] BTRFS info (device loop0): disk space caching is enabled [pid 5631] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5066] <... umount2 resumed>) = 0 [ 83.233990][ T5632] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 83.243713][ T5631] BTRFS: device /dev/loop2 using temp-fsid ad9c8af1-d95a-492d-9335-67156a22812b [ 83.249445][ T5632] BTRFS info (device loop4): enabling auto defrag [ 83.270113][ T5631] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5631) [pid 5066] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5627] <... mount resumed>) = 0 [pid 5066] close(4) = 0 [pid 5627] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5627] chdir("./bus" [pid 5066] rmdir("./5/bus" [pid 5627] <... chdir resumed>) = 0 [pid 5627] ioctl(4, LOOP_CLR_FD) = 0 [pid 5627] close(4) = 0 [pid 5627] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5630] <... mount resumed>) = 0 [pid 5627] pwrite64(4, "2", 1, 55022 [pid 5630] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5630] chdir("./bus") = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 5630] ioctl(4, LOOP_CLR_FD [pid 5627] <... pwrite64 resumed>) = 1 [pid 5066] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5630] <... ioctl resumed>) = 0 [pid 5627] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5630] close(4 [pid 5627] <... openat resumed>) = 5 [pid 5066] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5630] <... close resumed>) = 0 [pid 5627] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5066] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5630] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5627] <... write resumed>) = 65191 [pid 5066] unlink("./5/binderfs" [pid 5630] <... open resumed>) = 4 [pid 5066] <... unlink resumed>) = 0 [pid 5627] ftruncate(5, 43006 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5630] pwrite64(4, "2", 1, 55022 [pid 5066] close(3 [pid 5627] <... ftruncate resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5627] exit_group(0 [pid 5066] rmdir("./5" [pid 5627] <... exit_group resumed>) = ? [pid 5066] <... rmdir resumed>) = 0 [pid 5627] +++ exited with 0 +++ [pid 5066] mkdir("./6", 0777 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5627, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=38 /* 0.38 s */} --- [pid 5630] <... pwrite64 resumed>) = 1 [pid 5066] <... mkdir resumed>) = 0 [pid 5068] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5630] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5630] <... openat resumed>) = 5 [pid 5066] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5630] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5068] newfstatat(3, "", [pid 5630] <... write resumed>) = 65191 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5630] ftruncate(5, 43006 [pid 5066] close(3 [pid 5632] <... mount resumed>) = 0 [pid 5630] <... ftruncate resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5632] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5632] <... openat resumed>) = 3 [pid 5632] chdir("./bus" [pid 5635] <... write resumed>) = 16777216 [pid 5632] <... chdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5713 ./strace-static-x86_64: Process 5713 attached [pid 5632] ioctl(4, LOOP_CLR_FD [pid 5630] exit_group(0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5632] <... ioctl resumed>) = 0 [pid 5068] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5632] close(4) = 0 [pid 5632] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5630] <... exit_group resumed>) = ? [pid 5635] munmap(0x7f716ab16000, 138412032 [pid 5630] +++ exited with 0 +++ [pid 5631] <... mount resumed>) = 0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5630, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=29 /* 0.29 s */} --- [pid 5065] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5713] set_robust_list(0x555556d0c660, 24 [pid 5631] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5065] <... openat resumed>) = 3 [pid 5713] <... set_robust_list resumed>) = 0 [pid 5632] pwrite64(4, "2", 1, 55022 [pid 5631] <... openat resumed>) = 3 [pid 5065] newfstatat(3, "", [pid 5713] chdir("./6" [pid 5631] chdir("./bus" [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5713] <... chdir resumed>) = 0 [pid 5631] <... chdir resumed>) = 0 [pid 5065] getdents64(3, [pid 5635] <... munmap resumed>) = 0 [pid 5713] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5632] <... pwrite64 resumed>) = 1 [pid 5631] ioctl(4, LOOP_CLR_FD [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5632] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5635] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5632] <... openat resumed>) = 5 [pid 5631] <... ioctl resumed>) = 0 [pid 5631] close(4 [pid 5713] <... prctl resumed>) = 0 [pid 5635] <... openat resumed>) = 4 [pid 5632] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5631] <... close resumed>) = 0 [pid 5713] setpgid(0, 0 [pid 5632] <... write resumed>) = 65191 [pid 5631] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5713] <... setpgid resumed>) = 0 [pid 5635] ioctl(4, LOOP_SET_FD, 3 [pid 5632] ftruncate(5, 43006 [pid 5631] <... open resumed>) = 4 [pid 5713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5632] <... ftruncate resumed>) = 0 [pid 5631] pwrite64(4, "2", 1, 55022 [pid 5713] <... openat resumed>) = 3 [pid 5632] exit_group(0 [pid 5713] write(3, "1000", 4 [pid 5632] <... exit_group resumed>) = ? [pid 5713] <... write resumed>) = 4 [pid 5635] <... ioctl resumed>) = 0 [pid 5632] +++ exited with 0 +++ [pid 5713] close(3 [pid 5635] close(3 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5632, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=27 /* 0.27 s */} --- [pid 5713] <... close resumed>) = 0 [pid 5713] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5713] memfd_create("syzkaller", 0) = 3 [pid 5713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5069] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5635] <... close resumed>) = 0 [pid 5635] mkdir("./bus", 0777 [pid 5069] <... openat resumed>) = 3 [pid 5635] <... mkdir resumed>) = 0 [pid 5631] <... pwrite64 resumed>) = 1 [pid 5069] newfstatat(3, "", [ 83.640618][ T5635] loop5: detected capacity change from 0 to 32768 [pid 5631] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5635] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5631] <... openat resumed>) = 5 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5631] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5631] <... write resumed>) = 65191 [pid 5069] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5631] ftruncate(5, 43006) = 0 [pid 5631] exit_group(0) = ? [pid 5631] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5631, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=31 /* 0.31 s */} --- [pid 5067] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 83.702739][ T5635] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5635) [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] <... umount2 resumed>) = 0 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, [pid 5065] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5065] newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./5/bus" [pid 5065] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] newfstatat(4, "", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] getdents64(4, [pid 5068] unlink("./5/binderfs") = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] getdents64(4, [pid 5068] close(3) = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] rmdir("./5" [pid 5065] close(4 [pid 5068] <... rmdir resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5068] mkdir("./6", 0777 [pid 5065] rmdir("./6/bus" [pid 5068] <... mkdir resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./6/binderfs" [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5065] <... unlink resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5065] getdents64(3, [pid 5068] <... ioctl resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5065] close(3 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./6" [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 5730 [pid 5065] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5730 attached [pid 5065] mkdir("./7", 0777 [pid 5730] set_robust_list(0x555556d0c660, 24 [pid 5065] <... mkdir resumed>) = 0 [pid 5730] <... set_robust_list resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5730] chdir("./6" [pid 5065] <... openat resumed>) = 3 [pid 5730] <... chdir resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5730] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... ioctl resumed>) = 0 [pid 5730] <... prctl resumed>) = 0 [pid 5065] close(3 [pid 5730] setpgid(0, 0 [pid 5065] <... close resumed>) = 0 [pid 5730] <... setpgid resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5730] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5731 attached ) = 3 [pid 5730] write(3, "1000", 4 [pid 5731] set_robust_list(0x555556d0c660, 24 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 5731 [pid 5731] <... set_robust_list resumed>) = 0 [pid 5731] chdir("./7" [pid 5730] <... write resumed>) = 4 [pid 5731] <... chdir resumed>) = 0 [pid 5730] close(3 [pid 5731] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5731] setpgid(0, 0 [pid 5730] <... close resumed>) = 0 [pid 5731] <... setpgid resumed>) = 0 [pid 5731] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... umount2 resumed>) = 0 [pid 5730] symlink("/dev/binderfs", "./binderfs" [pid 5731] <... openat resumed>) = 3 [pid 5730] <... symlink resumed>) = 0 [pid 5731] write(3, "1000", 4) = 4 [pid 5730] memfd_create("syzkaller", 0 [pid 5731] close(3 [pid 5067] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] <... close resumed>) = 0 [pid 5730] <... memfd_create resumed>) = 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] symlink("/dev/binderfs", "./binderfs" [pid 5730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] newfstatat(AT_FDCWD, "./6/bus", [pid 5731] <... symlink resumed>) = 0 [pid 5730] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5731] memfd_create("syzkaller", 0 [pid 5067] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] <... memfd_create resumed>) = 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5067] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./6/bus") = 0 [pid 5067] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./6/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./6") = 0 [pid 5067] mkdir("./7", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5734 [pid 5713] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216./strace-static-x86_64: Process 5734 attached [pid 5734] set_robust_list(0x555556d0c660, 24) = 0 [pid 5734] chdir("./7") = 0 [pid 5734] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5734] setpgid(0, 0) = 0 [pid 5734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5635] <... mount resumed>) = 0 [pid 5635] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5635] chdir("./bus") = 0 [pid 5635] ioctl(4, LOOP_CLR_FD) = 0 [pid 5635] close(4) = 0 [pid 5635] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5635] pwrite64(4, "2", 1, 55022 [pid 5734] <... openat resumed>) = 3 [pid 5734] write(3, "1000", 4) = 4 [pid 5734] close(3) = 0 [pid 5734] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5734] memfd_create("syzkaller", 0) = 3 [pid 5635] <... pwrite64 resumed>) = 1 [pid 5635] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5635] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5635] ftruncate(5, 43006 [pid 5734] <... mmap resumed>) = 0x7f716ab16000 [pid 5635] <... ftruncate resumed>) = 0 [pid 5635] exit_group(0) = ? [pid 5635] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5635, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=20 /* 0.20 s */} --- [pid 5070] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5730] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./5/bus", [pid 5069] <... umount2 resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./5/bus", [pid 5070] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... openat resumed>) = 4 [pid 5069] umount2("./5/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] getdents64(4, [pid 5069] <... openat resumed>) = 4 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] getdents64(4, [pid 5069] close(4 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5069] <... close resumed>) = 0 [pid 5070] rmdir("./5/bus" [pid 5069] rmdir("./5/bus" [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5070] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./5/binderfs" [pid 5069] unlink("./5/binderfs") = 0 [pid 5069] getdents64(3, [pid 5070] <... unlink resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5734] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5069] close(3 [pid 5070] getdents64(3, [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./5") = 0 [pid 5069] mkdir("./6", 0777) = 0 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5070] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5070] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] rmdir("./5") = 0 [pid 5070] mkdir("./6", 0777 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 5736 ./strace-static-x86_64: Process 5736 attached [pid 5736] set_robust_list(0x555556d0c660, 24) = 0 [pid 5736] chdir("./6") = 0 [pid 5736] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5736] setpgid(0, 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5736] <... setpgid resumed>) = 0 [pid 5713] <... write resumed>) = 16777216 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5713] munmap(0x7f716ab16000, 138412032 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... ioctl resumed>) = 0 [pid 5736] <... openat resumed>) = 3 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5736] write(3, "1000", 4) = 4 [pid 5736] close(3 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5737 [pid 5736] <... close resumed>) = 0 ./strace-static-x86_64: Process 5737 attached [pid 5736] symlink("/dev/binderfs", "./binderfs" [pid 5737] set_robust_list(0x555556d0c660, 24 [pid 5736] <... symlink resumed>) = 0 [pid 5713] <... munmap resumed>) = 0 [pid 5737] <... set_robust_list resumed>) = 0 [pid 5737] chdir("./6") = 0 [pid 5713] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5737] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5736] memfd_create("syzkaller", 0 [pid 5713] <... openat resumed>) = 4 [pid 5737] <... prctl resumed>) = 0 [pid 5713] ioctl(4, LOOP_SET_FD, 3 [pid 5736] <... memfd_create resumed>) = 3 [pid 5736] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5737] setpgid(0, 0) = 0 [pid 5737] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5737] write(3, "1000", 4) = 4 [pid 5737] close(3) = 0 [pid 5737] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5737] memfd_create("syzkaller", 0) = 3 [pid 5737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5713] <... ioctl resumed>) = 0 [pid 5713] close(3) = 0 [ 84.793988][ T5713] loop1: detected capacity change from 0 to 32768 [pid 5713] mkdir("./bus", 0777) = 0 [ 84.871089][ T5713] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5713) [pid 5713] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5731] <... write resumed>) = 16777216 [pid 5731] munmap(0x7f716ab16000, 138412032) = 0 [pid 5731] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5731] ioctl(4, LOOP_SET_FD, 3 [pid 5730] <... write resumed>) = 16777216 [pid 5734] <... write resumed>) = 16777216 [pid 5730] munmap(0x7f716ab16000, 138412032 [pid 5734] munmap(0x7f716ab16000, 138412032 [pid 5730] <... munmap resumed>) = 0 [pid 5734] <... munmap resumed>) = 0 [pid 5731] <... ioctl resumed>) = 0 [pid 5731] close(3) = 0 [ 85.104057][ T5731] loop0: detected capacity change from 0 to 32768 [pid 5731] mkdir("./bus", 0777 [pid 5737] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5731] <... mkdir resumed>) = 0 [pid 5730] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5731] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5730] <... openat resumed>) = 4 [pid 5730] ioctl(4, LOOP_SET_FD, 3 [pid 5734] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5734] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5734] close(3) = 0 [pid 5734] mkdir("./bus", 0777) = 0 [pid 5730] <... ioctl resumed>) = 0 [pid 5730] close(3) = 0 [ 85.176672][ T5731] BTRFS: device /dev/loop0 using temp-fsid 97521b27-0ff5-4d52-9cea-10e49aab6e54 [ 85.186527][ T5730] loop3: detected capacity change from 0 to 32768 [ 85.190732][ T5734] loop2: detected capacity change from 0 to 32768 [ 85.203590][ T5713] _btrfs_printk: 51 callbacks suppressed [ 85.203600][ T5713] BTRFS info (device loop1): enabling ssd optimizations [pid 5730] mkdir("./bus", 0777 [pid 5736] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5734] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5730] <... mkdir resumed>) = 0 [ 85.219172][ T5731] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5731) [ 85.254472][ T5713] BTRFS info (device loop1): rebuilding free space tree [ 85.278629][ T5730] BTRFS: device /dev/loop3 using temp-fsid bfa92725-8cc1-4a13-9672-9c944dbb43f1 [ 85.293735][ T5731] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 85.305020][ T5731] BTRFS info (device loop0): enabling auto defrag [ 85.311595][ T5730] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5730) [ 85.320586][ T5713] BTRFS info (device loop1): disabling free space tree [ 85.340462][ T5731] BTRFS info (device loop0): enabling disk space caching [ 85.348669][ T5731] BTRFS info (device loop0): max_inline at 0 [ 85.356072][ T5731] BTRFS info (device loop0): force clearing of disk cache [ 85.363962][ T5734] BTRFS: device /dev/loop2 using temp-fsid b2509379-616d-4621-8246-986a92544446 [ 85.367287][ T5731] BTRFS info (device loop0): turning on sync discard [ 85.380333][ T5731] BTRFS info (device loop0): disk space caching is enabled [ 85.388681][ T5730] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 85.388725][ T5713] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 85.397721][ T5730] BTRFS info (device loop3): enabling auto defrag [ 85.413942][ T5734] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5734) [ 85.431672][ T5730] BTRFS info (device loop3): enabling disk space caching [ 85.440271][ T5730] BTRFS info (device loop3): max_inline at 0 [ 85.448692][ T5713] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 85.453534][ T5730] BTRFS info (device loop3): force clearing of disk cache [ 85.459510][ T5734] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 85.466921][ T5730] BTRFS info (device loop3): turning on sync discard [ 85.485440][ T5730] BTRFS info (device loop3): disk space caching is enabled [pid 5730] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5713] <... mount resumed>) = 0 [pid 5713] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5713] chdir("./bus") = 0 [pid 5713] ioctl(4, LOOP_CLR_FD) = 0 [pid 5713] close(4) = 0 [pid 5713] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 85.502918][ T5734] BTRFS info (device loop2): enabling auto defrag [ 85.509357][ T5734] BTRFS info (device loop2): enabling disk space caching [pid 5713] pwrite64(4, "2", 1, 55022) = 1 [pid 5713] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5713] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5713] ftruncate(5, 43006) = 0 [pid 5713] exit_group(0) = ? [ 85.547416][ T5734] BTRFS info (device loop2): max_inline at 0 [ 85.554477][ T5734] BTRFS info (device loop2): force clearing of disk cache [ 85.562967][ T5734] BTRFS info (device loop2): turning on sync discard [ 85.571968][ T5734] BTRFS info (device loop2): disk space caching is enabled [ 85.572059][ T5731] BTRFS info (device loop0): enabling ssd optimizations [pid 5737] <... write resumed>) = 16777216 [pid 5713] +++ exited with 0 +++ [pid 5737] munmap(0x7f716ab16000, 138412032 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5713, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5737] <... munmap resumed>) = 0 [pid 5066] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5737] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5737] ioctl(4, LOOP_SET_FD, 3 [pid 5066] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 85.600295][ T5730] BTRFS info (device loop3): enabling ssd optimizations [ 85.629904][ T5730] BTRFS info (device loop3): rebuilding free space tree [ 85.631473][ T5737] loop5: detected capacity change from 0 to 32768 [pid 5736] <... write resumed>) = 16777216 [pid 5066] newfstatat(3, "", [pid 5736] munmap(0x7f716ab16000, 138412032 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5736] <... munmap resumed>) = 0 [pid 5736] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5736] ioctl(4, LOOP_SET_FD, 3) = 0 [ 85.649257][ T5731] BTRFS info (device loop0): rebuilding free space tree [ 85.665943][ T5730] BTRFS info (device loop3): disabling free space tree [ 85.681731][ T5736] loop4: detected capacity change from 0 to 32768 [pid 5736] close(3) = 0 [pid 5736] mkdir("./bus", 0777 [pid 5737] <... ioctl resumed>) = 0 [pid 5737] close(3) = 0 [pid 5737] mkdir("./bus", 0777) = 0 [pid 5736] <... mkdir resumed>) = 0 [pid 5736] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 85.706138][ T5734] BTRFS info (device loop2): enabling ssd optimizations [ 85.721670][ T5730] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 85.732029][ T5736] BTRFS: device /dev/loop4 using temp-fsid 9baf4c75-63e7-4e1d-bdbb-8d7e6629a69c [ 85.745711][ T5731] BTRFS info (device loop0): disabling free space tree [pid 5737] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5731] <... mount resumed>) = 0 [pid 5731] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5731] chdir("./bus") = 0 [pid 5731] ioctl(4, LOOP_CLR_FD) = 0 [pid 5731] close(4) = 0 [pid 5731] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5731] pwrite64(4, "2", 1, 55022) = 1 [pid 5731] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5731] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5731] ftruncate(5, 43006) = 0 [pid 5731] exit_group(0) = ? [pid 5731] +++ exited with 0 +++ [ 85.746124][ T5734] BTRFS info (device loop2): rebuilding free space tree [ 85.759955][ T5731] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 85.759977][ T5731] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 85.762166][ T5730] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 85.780911][ T5736] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5736) [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5731, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=38 /* 0.38 s */} --- [pid 5065] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5730] <... mount resumed>) = 0 [pid 5730] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5730] chdir("./bus") = 0 [pid 5730] ioctl(4, LOOP_CLR_FD) = 0 [pid 5730] close(4) = 0 [pid 5730] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5730] pwrite64(4, "2", 1, 55022 [ 85.864245][ T5737] BTRFS: device /dev/loop5 using temp-fsid c15f9471-ef66-4e88-b517-d2e9ff56b21c [ 85.875092][ T5736] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 85.877601][ T5737] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5737) [ 85.896597][ T5736] BTRFS info (device loop4): enabling auto defrag [ 85.907785][ T5734] BTRFS info (device loop2): disabling free space tree [pid 5065] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5730] <... pwrite64 resumed>) = 1 [pid 5730] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5730] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5730] ftruncate(5, 43006) = 0 [pid 5730] exit_group(0) = ? [ 85.915591][ T5734] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 85.923771][ T5736] BTRFS info (device loop4): enabling disk space caching [ 85.938868][ T5736] BTRFS info (device loop4): max_inline at 0 [ 85.953162][ T5737] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [pid 5730] +++ exited with 0 +++ [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5730, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=40 /* 0.40 s */} --- [pid 5068] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(4, "", [pid 5068] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, [pid 5068] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] newfstatat(3, "", [pid 5066] getdents64(4, [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 5068] getdents64(3, [pid 5066] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] rmdir("./6/bus") = 0 [ 85.953955][ T5736] BTRFS info (device loop4): force clearing of disk cache [ 85.969489][ T5736] BTRFS info (device loop4): turning on sync discard [ 85.984757][ T5736] BTRFS info (device loop4): disk space caching is enabled [ 85.994009][ T5737] BTRFS info (device loop5): enabling auto defrag [ 86.001429][ T5734] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5066] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./6/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./6") = 0 [pid 5066] mkdir("./7", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [ 86.017531][ T5737] BTRFS info (device loop5): enabling disk space caching [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5806 attached , child_tidptr=0x555556d0c650) = 5806 [pid 5806] set_robust_list(0x555556d0c660, 24) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5806] chdir("./7") = 0 [pid 5065] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5806] <... prctl resumed>) = 0 [pid 5065] newfstatat(AT_FDCWD, "./7/bus", [pid 5806] setpgid(0, 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5806] <... setpgid resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [ 86.070784][ T5737] BTRFS info (device loop5): max_inline at 0 [pid 5065] rmdir("./7/bus") = 0 [pid 5065] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] <... openat resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./7/binderfs") = 0 [pid 5806] write(3, "1000", 4) = 4 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5806] close(3 [pid 5065] rmdir("./7" [pid 5806] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5806] symlink("/dev/binderfs", "./binderfs" [pid 5734] <... mount resumed>) = 0 [pid 5065] mkdir("./8", 0777) = 0 [pid 5734] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5806] <... symlink resumed>) = 0 [pid 5734] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 3 [pid 5806] memfd_create("syzkaller", 0 [pid 5734] chdir("./bus" [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5734] <... chdir resumed>) = 0 [pid 5065] <... ioctl resumed>) = 0 [pid 5734] ioctl(4, LOOP_CLR_FD [pid 5065] close(3 [pid 5806] <... memfd_create resumed>) = 3 [pid 5734] <... ioctl resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5734] close(4 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5806] <... mmap resumed>) = 0x7f716ab16000 [pid 5734] <... close resumed>) = 0 ./strace-static-x86_64: Process 5817 attached [pid 5734] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 5817 [pid 5817] set_robust_list(0x555556d0c660, 24) = 0 [pid 5734] <... open resumed>) = 4 [pid 5817] chdir("./8" [pid 5734] pwrite64(4, "2", 1, 55022 [pid 5817] <... chdir resumed>) = 0 [pid 5817] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5817] setpgid(0, 0) = 0 [pid 5817] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 86.116891][ T5737] BTRFS info (device loop5): force clearing of disk cache [ 86.145769][ T5736] BTRFS info (device loop4): enabling ssd optimizations [pid 5817] write(3, "1000", 4 [pid 5734] <... pwrite64 resumed>) = 1 [pid 5817] <... write resumed>) = 4 [pid 5734] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5817] close(3 [pid 5734] <... openat resumed>) = 5 [pid 5817] <... close resumed>) = 0 [pid 5734] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5817] symlink("/dev/binderfs", "./binderfs" [pid 5734] <... write resumed>) = 65191 [pid 5817] <... symlink resumed>) = 0 [pid 5734] ftruncate(5, 43006 [pid 5068] <... umount2 resumed>) = 0 [pid 5817] memfd_create("syzkaller", 0 [pid 5068] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 86.180719][ T5737] BTRFS info (device loop5): turning on sync discard [ 86.187594][ T5737] BTRFS info (device loop5): disk space caching is enabled [ 86.191369][ T5736] BTRFS info (device loop4): rebuilding free space tree [pid 5068] newfstatat(AT_FDCWD, "./6/bus", [pid 5817] <... memfd_create resumed>) = 3 [pid 5734] <... ftruncate resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5734] exit_group(0 [pid 5068] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5817] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5817] <... mmap resumed>) = 0x7f716ab16000 [pid 5734] <... exit_group resumed>) = ? [pid 5068] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5734] +++ exited with 0 +++ [pid 5068] <... openat resumed>) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5734, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5068] getdents64(4, [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] <... restart_syscall resumed>) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5067] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] rmdir("./6/bus" [pid 5067] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... rmdir resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5068] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] newfstatat(3, "", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5067] getdents64(3, [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] unlink("./6/binderfs") = 0 [pid 5067] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./6") = 0 [pid 5068] mkdir("./7", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5832 [ 86.340768][ T5736] BTRFS info (device loop4): disabling free space tree [ 86.347798][ T5736] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5806] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216./strace-static-x86_64: Process 5832 attached [pid 5832] set_robust_list(0x555556d0c660, 24) = 0 [pid 5832] chdir("./7") = 0 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5832] setpgid(0, 0) = 0 [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5832] write(3, "1000", 4) = 4 [pid 5832] close(3) = 0 [pid 5832] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5832] memfd_create("syzkaller", 0) = 3 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 86.453505][ T5736] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 86.464251][ T5737] BTRFS info (device loop5): enabling ssd optimizations [ 86.551853][ T5737] BTRFS info (device loop5): rebuilding free space tree [pid 5736] <... mount resumed>) = 0 [pid 5736] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5736] chdir("./bus") = 0 [pid 5736] ioctl(4, LOOP_CLR_FD) = 0 [pid 5736] close(4) = 0 [pid 5736] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 86.630880][ T5737] BTRFS info (device loop5): disabling free space tree [ 86.637924][ T5737] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5736] pwrite64(4, "2", 1, 55022) = 1 [pid 5736] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5736] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./7/bus", [pid 5736] <... write resumed>) = 65191 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", [pid 5736] ftruncate(5, 43006 [pid 5832] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5736] <... ftruncate resumed>) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, [pid 5736] exit_group(0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./7/bus" [pid 5736] <... exit_group resumed>) = ? [pid 5736] +++ exited with 0 +++ [pid 5067] <... rmdir resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5736, si_uid=0, si_status=0, si_utime=0, si_stime=34 /* 0.34 s */} --- [ 86.693438][ T5737] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5067] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5817] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5069] <... openat resumed>) = 3 [pid 5067] unlink("./7/binderfs" [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5067] getdents64(3, [pid 5069] getdents64(3, [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] close(3) = 0 [pid 5067] rmdir("./7" [pid 5069] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... rmdir resumed>) = 0 [pid 5067] mkdir("./8", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached , child_tidptr=0x555556d0c650) = 5836 [pid 5836] set_robust_list(0x555556d0c660, 24) = 0 [pid 5836] chdir("./8" [pid 5737] <... mount resumed>) = 0 [pid 5836] <... chdir resumed>) = 0 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5737] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5836] <... prctl resumed>) = 0 [pid 5836] setpgid(0, 0) = 0 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5836] write(3, "1000", 4) = 4 [pid 5737] chdir("./bus") = 0 [pid 5737] ioctl(4, LOOP_CLR_FD [pid 5836] close(3 [pid 5737] <... ioctl resumed>) = 0 [pid 5836] <... close resumed>) = 0 [pid 5737] close(4) = 0 [pid 5737] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5836] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5836] memfd_create("syzkaller", 0 [pid 5737] pwrite64(4, "2", 1, 55022 [pid 5836] <... memfd_create resumed>) = 3 [pid 5836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5737] <... pwrite64 resumed>) = 1 [pid 5737] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5836] <... mmap resumed>) = 0x7f716ab16000 [pid 5737] <... openat resumed>) = 5 [pid 5737] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5806] <... write resumed>) = 16777216 [pid 5737] <... write resumed>) = 65191 [pid 5806] munmap(0x7f716ab16000, 138412032) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5806] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5806] ioctl(4, LOOP_SET_FD, 3 [pid 5737] ftruncate(5, 43006 [pid 5069] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5737] <... ftruncate resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5806] <... ioctl resumed>) = 0 [pid 5806] close(3) = 0 [pid 5806] mkdir("./bus", 0777) = 0 [pid 5737] exit_group(0 [pid 5069] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5806] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 87.022139][ T5806] loop1: detected capacity change from 0 to 32768 [pid 5069] getdents64(4, [pid 5737] <... exit_group resumed>) = ? [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5737] +++ exited with 0 +++ [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5737, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=28 /* 0.28 s */} --- [pid 5069] close(4 [pid 5070] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./6/bus" [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(3, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 87.063588][ T5806] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5806) [pid 5070] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] unlink("./6/binderfs") = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [ 87.122684][ T5806] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 5069] rmdir("./6") = 0 [pid 5069] mkdir("./7", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 87.170572][ T5806] BTRFS info (device loop1): enabling auto defrag [ 87.178622][ T5806] BTRFS info (device loop1): enabling disk space caching [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5838 [ 87.221104][ T5806] BTRFS info (device loop1): max_inline at 0 [ 87.227110][ T5806] BTRFS info (device loop1): force clearing of disk cache ./strace-static-x86_64: Process 5838 attached [pid 5838] set_robust_list(0x555556d0c660, 24) = 0 [pid 5838] chdir("./7") = 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5838] setpgid(0, 0) = 0 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5838] write(3, "1000", 4) = 4 [pid 5838] close(3) = 0 [pid 5838] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5838] memfd_create("syzkaller", 0) = 3 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 87.301252][ T5806] BTRFS info (device loop1): turning on sync discard [ 87.308067][ T5806] BTRFS info (device loop1): disk space caching is enabled [pid 5836] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5817] <... write resumed>) = 16777216 [pid 5070] <... umount2 resumed>) = 0 [pid 5817] munmap(0x7f716ab16000, 138412032 [pid 5070] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./6/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./6/bus") = 0 [pid 5070] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5817] <... munmap resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... write resumed>) = 16777216 [pid 5817] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5070] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5817] <... openat resumed>) = 4 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5817] ioctl(4, LOOP_SET_FD, 3 [pid 5070] unlink("./6/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./6") = 0 [pid 5070] mkdir("./7", 0777 [pid 5832] munmap(0x7f716ab16000, 138412032 [pid 5070] <... mkdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... munmap resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5850 ./strace-static-x86_64: Process 5850 attached [pid 5850] set_robust_list(0x555556d0c660, 24) = 0 [ 87.449944][ T5817] loop0: detected capacity change from 0 to 32768 [pid 5850] chdir("./7" [pid 5832] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5850] <... chdir resumed>) = 0 [pid 5832] <... openat resumed>) = 4 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5832] ioctl(4, LOOP_SET_FD, 3 [pid 5850] <... prctl resumed>) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "1000", 4) = 4 [pid 5850] close(3) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5817] <... ioctl resumed>) = 0 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5817] close(3 [pid 5850] <... mmap resumed>) = 0x7f716ab16000 [pid 5817] <... close resumed>) = 0 [pid 5838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5817] mkdir("./bus", 0777) = 0 [pid 5832] <... ioctl resumed>) = 0 [pid 5832] close(3) = 0 [ 87.498852][ T5832] loop3: detected capacity change from 0 to 32768 [pid 5832] mkdir("./bus", 0777 [pid 5817] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5832] <... mkdir resumed>) = 0 [ 87.555896][ T5817] BTRFS: device /dev/loop0 using temp-fsid 66a8ca42-bcf9-4474-a3a1-c936df8d7ef6 [ 87.572828][ T5806] BTRFS info (device loop1): enabling ssd optimizations [ 87.611533][ T5817] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5817) [ 87.641648][ T5806] BTRFS info (device loop1): rebuilding free space tree [ 87.693836][ T5832] BTRFS: device /dev/loop3 using temp-fsid 09668e4a-97b0-4143-8af6-366119ceda8d [ 87.711417][ T5817] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 87.723233][ T5832] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5832) [ 87.741680][ T5806] BTRFS info (device loop1): disabling free space tree [ 87.742943][ T5817] BTRFS info (device loop0): enabling auto defrag [ 87.776395][ T5832] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 87.785301][ T5806] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 87.795670][ T5817] BTRFS info (device loop0): enabling disk space caching [ 87.811001][ T5832] BTRFS info (device loop3): enabling auto defrag [ 87.817547][ T5832] BTRFS info (device loop3): enabling disk space caching [ 87.824839][ T5806] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 87.837018][ T5817] BTRFS info (device loop0): max_inline at 0 [pid 5832] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5806] <... mount resumed>) = 0 [pid 5806] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [ 87.843267][ T5832] BTRFS info (device loop3): max_inline at 0 [ 87.849403][ T5817] BTRFS info (device loop0): force clearing of disk cache [ 87.856774][ T5832] BTRFS info (device loop3): force clearing of disk cache [ 87.869857][ T5817] BTRFS info (device loop0): turning on sync discard [ 87.877322][ T5832] BTRFS info (device loop3): turning on sync discard [ 87.884542][ T5817] BTRFS info (device loop0): disk space caching is enabled [pid 5806] chdir("./bus") = 0 [pid 5806] ioctl(4, LOOP_CLR_FD) = 0 [pid 5806] close(4) = 0 [pid 5806] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5806] pwrite64(4, "2", 1, 55022) = 1 [ 87.892542][ T5832] BTRFS info (device loop3): disk space caching is enabled [pid 5806] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5806] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5806] ftruncate(5, 43006) = 0 [pid 5806] exit_group(0) = ? [pid 5806] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5806, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=33 /* 0.33 s */} --- [pid 5066] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 88.041821][ T5832] BTRFS info (device loop3): enabling ssd optimizations [ 88.050703][ T5817] BTRFS info (device loop0): enabling ssd optimizations [ 88.086252][ T5817] BTRFS info (device loop0): rebuilding free space tree [ 88.097277][ T5832] BTRFS info (device loop3): rebuilding free space tree [pid 5066] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5836] <... write resumed>) = 16777216 [pid 5836] munmap(0x7f716ab16000, 138412032) = 0 [pid 5838] <... write resumed>) = 16777216 [pid 5836] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5838] munmap(0x7f716ab16000, 138412032 [pid 5836] <... openat resumed>) = 4 [pid 5066] <... umount2 resumed>) = 0 [ 88.174020][ T5832] BTRFS info (device loop3): disabling free space tree [ 88.187652][ T5817] BTRFS info (device loop0): disabling free space tree [ 88.197299][ T5832] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5838] <... munmap resumed>) = 0 [pid 5836] ioctl(4, LOOP_SET_FD, 3 [pid 5066] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./7/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5836] <... ioctl resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5838] <... openat resumed>) = 4 [pid 5836] close(3 [pid 5066] <... openat resumed>) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3 [pid 5836] <... close resumed>) = 0 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5836] mkdir("./bus", 0777 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 5836] <... mkdir resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./7/bus" [pid 5836] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5066] <... rmdir resumed>) = 0 [pid 5066] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 88.218223][ T5817] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 88.229438][ T5836] loop2: detected capacity change from 0 to 32768 [ 88.244599][ T5832] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 88.258683][ T5838] loop4: detected capacity change from 0 to 32768 [pid 5066] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5838] <... ioctl resumed>) = 0 [pid 5838] close(3 [pid 5832] <... mount resumed>) = 0 [pid 5066] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./7/binderfs" [pid 5838] <... close resumed>) = 0 [pid 5832] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5817] <... mount resumed>) = 0 [pid 5832] <... openat resumed>) = 3 [pid 5817] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5838] mkdir("./bus", 0777 [pid 5832] chdir("./bus" [pid 5817] <... openat resumed>) = 3 [pid 5066] <... unlink resumed>) = 0 [pid 5832] <... chdir resumed>) = 0 [pid 5817] chdir("./bus" [pid 5832] ioctl(4, LOOP_CLR_FD [pid 5817] <... chdir resumed>) = 0 [pid 5832] <... ioctl resumed>) = 0 [pid 5817] ioctl(4, LOOP_CLR_FD [pid 5832] close(4 [pid 5817] <... ioctl resumed>) = 0 [pid 5850] <... write resumed>) = 16777216 [pid 5838] <... mkdir resumed>) = 0 [pid 5832] <... close resumed>) = 0 [pid 5817] close(4 [pid 5066] getdents64(3, [pid 5850] munmap(0x7f716ab16000, 138412032 [pid 5838] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5832] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5817] <... close resumed>) = 0 [pid 5832] <... open resumed>) = 4 [pid 5817] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5066] close(3 [pid 5832] pwrite64(4, "2", 1, 55022 [pid 5817] <... open resumed>) = 4 [pid 5817] pwrite64(4, "2", 1, 55022 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./7" [pid 5850] <... munmap resumed>) = 0 [pid 5832] <... pwrite64 resumed>) = 1 [pid 5066] <... rmdir resumed>) = 0 [ 88.280454][ T5836] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5836) [ 88.316823][ T5838] BTRFS: device /dev/loop4 using temp-fsid 40c18acb-560e-45f5-b727-ea968831a9e0 [pid 5832] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5832] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5832] ftruncate(5, 43006) = 0 [pid 5832] exit_group(0) = ? [pid 5817] <... pwrite64 resumed>) = 1 [pid 5850] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5817] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5066] mkdir("./8", 0777 [pid 5850] <... openat resumed>) = 4 [pid 5817] <... openat resumed>) = 5 [pid 5066] <... mkdir resumed>) = 0 [pid 5850] ioctl(4, LOOP_SET_FD, 3 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5850] <... ioctl resumed>) = 0 [pid 5832] +++ exited with 0 +++ [pid 5817] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5066] <... openat resumed>) = 3 [pid 5817] <... write resumed>) = 65191 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=31 /* 0.31 s */} --- [pid 5066] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5066] close(3) = 0 [ 88.334986][ T5838] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5838) [ 88.350797][ T5850] loop5: detected capacity change from 0 to 32768 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5850] close(3./strace-static-x86_64: Process 5894 attached [pid 5817] ftruncate(5, 43006 [pid 5894] set_robust_list(0x555556d0c660, 24 [pid 5068] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5894] <... set_robust_list resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5894 [pid 5894] chdir("./8" [pid 5850] <... close resumed>) = 0 [pid 5894] <... chdir resumed>) = 0 [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5894] setpgid(0, 0 [pid 5850] mkdir("./bus", 0777 [pid 5817] <... ftruncate resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5894] <... setpgid resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5850] <... mkdir resumed>) = 0 [pid 5817] exit_group(0 [pid 5068] <... openat resumed>) = 3 [pid 5894] <... openat resumed>) = 3 [pid 5850] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5817] <... exit_group resumed>) = ? [pid 5068] newfstatat(3, "", [pid 5894] write(3, "1000", 4) = 4 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5894] close(3) = 0 [pid 5894] symlink("/dev/binderfs", "./binderfs" [pid 5817] +++ exited with 0 +++ [pid 5068] getdents64(3, [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5817, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=36 /* 0.36 s */} --- [pid 5894] <... symlink resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5894] memfd_create("syzkaller", 0 [pid 5068] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5894] <... memfd_create resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5894] <... mmap resumed>) = 0x7f716ab16000 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 88.460648][ T5850] BTRFS: device /dev/loop5 using temp-fsid d74c1300-3caf-4113-bc1a-476852d9b218 [pid 5065] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5836] <... mount resumed>) = 0 [pid 5836] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5836] chdir("./bus") = 0 [pid 5836] ioctl(4, LOOP_CLR_FD) = 0 [pid 5836] close(4) = 0 [pid 5836] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 88.541442][ T5850] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5850) [pid 5836] pwrite64(4, "2", 1, 55022 [pid 5838] <... mount resumed>) = 0 [pid 5838] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5836] <... pwrite64 resumed>) = 1 [pid 5838] chdir("./bus" [pid 5836] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5838] <... chdir resumed>) = 0 [pid 5836] <... openat resumed>) = 5 [pid 5838] ioctl(4, LOOP_CLR_FD [pid 5836] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5838] <... ioctl resumed>) = 0 [pid 5836] <... write resumed>) = 65191 [pid 5838] close(4 [pid 5894] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5838] <... close resumed>) = 0 [pid 5836] ftruncate(5, 43006 [pid 5838] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5838] pwrite64(4, "2", 1, 55022 [pid 5836] <... ftruncate resumed>) = 0 [pid 5836] exit_group(0) = ? [pid 5836] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5836, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] <... pwrite64 resumed>) = 1 [pid 5838] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./7/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, [pid 5838] <... write resumed>) = 65191 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5838] ftruncate(5, 43006 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5838] <... ftruncate resumed>) = 0 [pid 5068] rmdir("./7/bus" [pid 5838] exit_group(0 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] <... exit_group resumed>) = ? [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5838] +++ exited with 0 +++ [pid 5068] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=28 /* 0.28 s */} --- [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./7/binderfs") = 0 [pid 5069] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5069] newfstatat(3, "", [pid 5068] rmdir("./7" [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] mkdir("./8", 0777 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] <... mkdir resumed>) = 0 [pid 5069] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5933 attached [pid 5933] set_robust_list(0x555556d0c660, 24 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 5933 [pid 5933] <... set_robust_list resumed>) = 0 [pid 5933] chdir("./8" [pid 5065] <... umount2 resumed>) = 0 [pid 5933] <... chdir resumed>) = 0 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] <... prctl resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5933] setpgid(0, 0 [pid 5065] newfstatat(AT_FDCWD, "./8/bus", [pid 5933] <... setpgid resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] <... openat resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5933] write(3, "1000", 4 [pid 5065] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5933] <... write resumed>) = 4 [pid 5065] <... openat resumed>) = 4 [pid 5933] close(3 [pid 5065] newfstatat(4, "", [pid 5933] <... close resumed>) = 0 [pid 5933] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5933] <... symlink resumed>) = 0 [pid 5933] memfd_create("syzkaller", 0 [pid 5065] getdents64(4, [pid 5933] <... memfd_create resumed>) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5933] <... mmap resumed>) = 0x7f716ab16000 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./8/bus") = 0 [pid 5065] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./8/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./8") = 0 [pid 5065] mkdir("./9", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 5935 ./strace-static-x86_64: Process 5935 attached [pid 5935] set_robust_list(0x555556d0c660, 24) = 0 [pid 5935] chdir("./9") = 0 [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5935] setpgid(0, 0) = 0 [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5935] write(3, "1000", 4) = 4 [pid 5935] close(3) = 0 [pid 5935] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5935] memfd_create("syzkaller", 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5850] <... mount resumed>) = 0 [pid 5935] <... memfd_create resumed>) = 3 [pid 5850] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5850] <... openat resumed>) = 3 [pid 5850] chdir("./bus" [pid 5935] <... mmap resumed>) = 0x7f716ab16000 [pid 5850] <... chdir resumed>) = 0 [pid 5850] ioctl(4, LOOP_CLR_FD) = 0 [pid 5067] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5850] close(4) = 0 [pid 5850] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5067] <... openat resumed>) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5850] pwrite64(4, "2", 1, 55022 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5850] <... pwrite64 resumed>) = 1 [pid 5850] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5850] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5067] rmdir("./8/bus" [pid 5850] ftruncate(5, 43006 [pid 5067] <... rmdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5067] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5850] <... ftruncate resumed>) = 0 [pid 5069] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5850] exit_group(0) = ? [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5850] +++ exited with 0 +++ [pid 5069] newfstatat(AT_FDCWD, "./7/bus", [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 5070] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./8/binderfs" [pid 5069] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] <... unlink resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] getdents64(3, [pid 5069] <... openat resumed>) = 4 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] newfstatat(4, "", [pid 5067] close(3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... close resumed>) = 0 [pid 5069] getdents64(4, [pid 5067] rmdir("./8" [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] <... rmdir resumed>) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] mkdir("./9", 0777 [pid 5069] close(4 [pid 5067] <... mkdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] rmdir("./7/bus" [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5069] <... rmdir resumed>) = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 5069] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] close(3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... close resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5938 attached [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./7/binderfs" [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 5938 [pid 5938] set_robust_list(0x555556d0c660, 24 [pid 5069] <... unlink resumed>) = 0 [pid 5938] <... set_robust_list resumed>) = 0 [pid 5069] getdents64(3, [pid 5938] chdir("./9" [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5938] <... chdir resumed>) = 0 [pid 5069] close(3) = 0 [pid 5938] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] rmdir("./7" [pid 5938] setpgid(0, 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5938] <... setpgid resumed>) = 0 [pid 5069] mkdir("./8", 0777 [pid 5938] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... mkdir resumed>) = 0 [pid 5938] <... openat resumed>) = 3 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5938] write(3, "1000", 4) = 4 [pid 5069] <... openat resumed>) = 3 [pid 5938] close(3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5938] <... close resumed>) = 0 [pid 5938] symlink("/dev/binderfs", "./binderfs" [pid 5069] <... ioctl resumed>) = 0 [pid 5938] <... symlink resumed>) = 0 [pid 5069] close(3 [pid 5938] memfd_create("syzkaller", 0 [pid 5069] <... close resumed>) = 0 [pid 5938] <... memfd_create resumed>) = 3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 ./strace-static-x86_64: Process 5940 attached [pid 5940] set_robust_list(0x555556d0c660, 24) = 0 [pid 5940] chdir("./8") = 0 [pid 5940] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5940] setpgid(0, 0) = 0 [pid 5940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5894] <... write resumed>) = 16777216 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 5940 [pid 5940] <... openat resumed>) = 3 [pid 5940] write(3, "1000", 4) = 4 [pid 5894] munmap(0x7f716ab16000, 138412032 [pid 5940] close(3 [pid 5894] <... munmap resumed>) = 0 [pid 5940] <... close resumed>) = 0 [pid 5940] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5940] memfd_create("syzkaller", 0) = 3 [pid 5940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5933] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5894] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5894] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5894] close(3) = 0 [pid 5894] mkdir("./bus", 0777 [pid 5070] <... umount2 resumed>) = 0 [pid 5894] <... mkdir resumed>) = 0 [pid 5070] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5935] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 89.363909][ T5894] loop1: detected capacity change from 0 to 32768 [pid 5070] newfstatat(AT_FDCWD, "./7/bus", [pid 5894] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./7/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./7/bus") = 0 [pid 5070] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./7/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [ 89.423000][ T5894] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5894) [pid 5070] rmdir("./7") = 0 [pid 5070] mkdir("./8", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5941 attached [pid 5941] set_robust_list(0x555556d0c660, 24 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 5941 [pid 5941] <... set_robust_list resumed>) = 0 [pid 5941] chdir("./8") = 0 [pid 5941] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5941] setpgid(0, 0) = 0 [pid 5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5941] write(3, "1000", 4) = 4 [pid 5941] close(3) = 0 [pid 5941] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5941] memfd_create("syzkaller", 0) = 3 [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5938] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5940] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5894] <... mount resumed>) = 0 [pid 5894] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5894] chdir("./bus") = 0 [pid 5894] ioctl(4, LOOP_CLR_FD) = 0 [pid 5894] close(4 [pid 5941] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5894] <... close resumed>) = 0 [pid 5894] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5894] pwrite64(4, "2", 1, 55022 [pid 5933] <... write resumed>) = 16777216 [pid 5933] munmap(0x7f716ab16000, 138412032 [pid 5894] <... pwrite64 resumed>) = 1 [pid 5894] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5894] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5933] <... munmap resumed>) = 0 [pid 5894] ftruncate(5, 43006 [pid 5933] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5894] <... ftruncate resumed>) = 0 [pid 5894] exit_group(0) = ? [pid 5933] <... openat resumed>) = 4 [pid 5933] ioctl(4, LOOP_SET_FD, 3 [pid 5894] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=23 /* 0.23 s */} --- [pid 5066] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5935] <... write resumed>) = 16777216 [pid 5933] <... ioctl resumed>) = 0 [pid 5935] munmap(0x7f716ab16000, 138412032 [ 90.185693][ T5933] loop3: detected capacity change from 0 to 32768 [pid 5933] close(3) = 0 [pid 5933] mkdir("./bus", 0777) = 0 [pid 5933] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5935] <... munmap resumed>) = 0 [pid 5935] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 90.256740][ T5933] BTRFS: device /dev/loop3 using temp-fsid 5af00952-e4e8-459f-a132-4db32295da96 [ 90.281246][ T5933] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (5933) [pid 5935] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5935] close(3) = 0 [pid 5935] mkdir("./bus", 0777) = 0 [ 90.301620][ T5935] loop0: detected capacity change from 0 to 32768 [ 90.314510][ T5933] _btrfs_printk: 49 callbacks suppressed [ 90.314521][ T5933] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 90.340688][ T5935] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (5935) [pid 5935] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./8/bus") = 0 [ 90.353458][ T5933] BTRFS info (device loop3): enabling auto defrag [ 90.360147][ T5933] BTRFS info (device loop3): enabling disk space caching [pid 5066] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./8/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./8") = 0 [pid 5066] mkdir("./9", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5940] <... write resumed>) = 16777216 [pid 5938] <... write resumed>) = 16777216 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 5959 ./strace-static-x86_64: Process 5959 attached [pid 5940] munmap(0x7f716ab16000, 138412032 [pid 5938] munmap(0x7f716ab16000, 138412032 [pid 5940] <... munmap resumed>) = 0 [ 90.410672][ T5933] BTRFS info (device loop3): max_inline at 0 [ 90.417673][ T5933] BTRFS info (device loop3): force clearing of disk cache [ 90.428121][ T5935] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 90.432512][ T5933] BTRFS info (device loop3): turning on sync discard [pid 5959] set_robust_list(0x555556d0c660, 24) = 0 [pid 5940] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5938] <... munmap resumed>) = 0 [pid 5959] chdir("./9" [pid 5940] <... openat resumed>) = 4 [pid 5940] ioctl(4, LOOP_SET_FD, 3 [pid 5938] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5940] <... ioctl resumed>) = 0 [pid 5938] <... openat resumed>) = 4 [pid 5959] <... chdir resumed>) = 0 [pid 5938] ioctl(4, LOOP_SET_FD, 3 [pid 5959] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5959] setpgid(0, 0) = 0 [pid 5959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5959] write(3, "1000", 4) = 4 [pid 5959] close(3) = 0 [pid 5959] symlink("/dev/binderfs", "./binderfs") = 0 [ 90.464115][ T5933] BTRFS info (device loop3): disk space caching is enabled [ 90.466671][ T5935] BTRFS info (device loop0): enabling auto defrag [ 90.482376][ T5940] loop4: detected capacity change from 0 to 32768 [ 90.492613][ T5938] loop2: detected capacity change from 0 to 32768 [pid 5959] memfd_create("syzkaller", 0) = 3 [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5940] close(3 [pid 5959] <... mmap resumed>) = 0x7f716ab16000 [pid 5940] <... close resumed>) = 0 [pid 5940] mkdir("./bus", 0777) = 0 [pid 5940] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5938] <... ioctl resumed>) = 0 [pid 5938] close(3) = 0 [pid 5938] mkdir("./bus", 0777) = 0 [ 90.514064][ T5935] BTRFS info (device loop0): enabling disk space caching [ 90.541887][ T5940] BTRFS: device /dev/loop4 using temp-fsid 96b1c604-0631-48ab-bcab-591ce9be0e1e [ 90.560610][ T5940] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (5940) [ 90.561866][ T5935] BTRFS info (device loop0): max_inline at 0 [ 90.600816][ T5935] BTRFS info (device loop0): force clearing of disk cache [ 90.604604][ T5938] BTRFS: device /dev/loop2 using temp-fsid 2b8257ee-5f47-4f64-afa6-c6a81ccdd758 [ 90.607973][ T5935] BTRFS info (device loop0): turning on sync discard [ 90.607999][ T5935] BTRFS info (device loop0): disk space caching is enabled [ 90.617774][ T5938] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (5938) [ 90.651738][ T5940] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [pid 5938] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5941] <... write resumed>) = 16777216 [ 90.660179][ T5940] BTRFS info (device loop4): enabling auto defrag [ 90.683512][ T5938] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 90.707307][ T5938] BTRFS info (device loop2): enabling auto defrag [pid 5941] munmap(0x7f716ab16000, 138412032) = 0 [pid 5941] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 90.715646][ T5938] BTRFS info (device loop2): enabling disk space caching [ 90.722261][ T5940] BTRFS info (device loop4): enabling disk space caching [ 90.727964][ T5938] BTRFS info (device loop2): max_inline at 0 [ 90.741250][ T5933] BTRFS info (device loop3): enabling ssd optimizations [ 90.757440][ T5940] BTRFS info (device loop4): max_inline at 0 [pid 5941] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5941] close(3) = 0 [pid 5941] mkdir("./bus", 0777) = 0 [ 90.763855][ T5938] BTRFS info (device loop2): force clearing of disk cache [ 90.765066][ T5941] loop5: detected capacity change from 0 to 32768 [ 90.771832][ T5938] BTRFS info (device loop2): turning on sync discard [ 90.779865][ T5940] BTRFS info (device loop4): force clearing of disk cache [ 90.784666][ T5938] BTRFS info (device loop2): disk space caching is enabled [ 90.791712][ T5933] BTRFS info (device loop3): rebuilding free space tree [pid 5941] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 90.821272][ T5940] BTRFS info (device loop4): turning on sync discard [ 90.828272][ T5941] BTRFS: device /dev/loop5 using temp-fsid 4d45780a-51de-4749-bb94-a70312120a7a [ 90.828291][ T5940] BTRFS info (device loop4): disk space caching is enabled [ 90.837393][ T5941] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (5941) [ 90.867040][ T5935] BTRFS info (device loop0): enabling ssd optimizations [ 90.867196][ T5941] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 90.893168][ T5935] BTRFS info (device loop0): rebuilding free space tree [ 90.910850][ T5941] BTRFS info (device loop5): enabling auto defrag [ 90.923358][ T5933] BTRFS info (device loop3): disabling free space tree [ 90.930269][ T5933] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 90.942666][ T5941] BTRFS info (device loop5): enabling disk space caching [ 90.942710][ T5935] BTRFS info (device loop0): disabling free space tree [ 90.951575][ T5941] BTRFS info (device loop5): max_inline at 0 [pid 5959] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5933] <... mount resumed>) = 0 [pid 5933] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5933] chdir("./bus") = 0 [pid 5933] ioctl(4, LOOP_CLR_FD) = 0 [pid 5933] close(4) = 0 [pid 5933] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 90.967895][ T5933] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 90.979079][ T5935] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 90.980323][ T5941] BTRFS info (device loop5): force clearing of disk cache [ 90.993156][ T5935] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 91.009779][ T5938] BTRFS info (device loop2): enabling ssd optimizations [pid 5933] pwrite64(4, "2", 1, 55022) = 1 [pid 5933] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5935] <... mount resumed>) = 0 [pid 5933] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5933] ftruncate(5, 43006 [pid 5935] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5935] chdir("./bus" [pid 5933] <... ftruncate resumed>) = 0 [pid 5933] exit_group(0 [pid 5935] <... chdir resumed>) = 0 [ 91.039145][ T5938] BTRFS info (device loop2): rebuilding free space tree [ 91.051573][ T5940] BTRFS info (device loop4): enabling ssd optimizations [ 91.062940][ T5941] BTRFS info (device loop5): turning on sync discard [ 91.074186][ T5940] BTRFS info (device loop4): rebuilding free space tree [ 91.081703][ T5938] BTRFS info (device loop2): disabling free space tree [pid 5935] ioctl(4, LOOP_CLR_FD) = 0 [pid 5935] close(4) = 0 [pid 5935] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5933] <... exit_group resumed>) = ? [pid 5935] pwrite64(4, "2", 1, 55022 [pid 5933] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=33 /* 0.33 s */} --- [pid 5068] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5935] <... pwrite64 resumed>) = 1 [pid 5935] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [ 91.088658][ T5938] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 91.090608][ T5941] BTRFS info (device loop5): disk space caching is enabled [ 91.122155][ T5938] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5935] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5935] ftruncate(5, 43006) = 0 [pid 5935] exit_group(0) = ? [pid 5935] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=38 /* 0.38 s */} --- [pid 5065] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, [pid 5938] <... mount resumed>) = 0 [ 91.153117][ T5940] BTRFS info (device loop4): disabling free space tree [ 91.160038][ T5940] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5938] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5938] chdir("./bus") = 0 [pid 5938] ioctl(4, LOOP_CLR_FD) = 0 [pid 5938] close(4) = 0 [pid 5938] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 91.210617][ T5940] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5938] pwrite64(4, "2", 1, 55022 [pid 5940] <... mount resumed>) = 0 [pid 5940] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5938] <... pwrite64 resumed>) = 1 [pid 5940] chdir("./bus" [pid 5938] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5940] <... chdir resumed>) = 0 [pid 5940] ioctl(4, LOOP_CLR_FD [pid 5938] <... openat resumed>) = 5 [pid 5940] <... ioctl resumed>) = 0 [pid 5940] close(4) = 0 [pid 5938] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5940] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5959] <... write resumed>) = 16777216 [pid 5940] <... open resumed>) = 4 [pid 5938] <... write resumed>) = 65191 [pid 5068] <... umount2 resumed>) = 0 [pid 5938] ftruncate(5, 43006 [pid 5068] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5940] pwrite64(4, "2", 1, 55022 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5959] munmap(0x7f716ab16000, 138412032 [pid 5938] <... ftruncate resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5938] exit_group(0 [pid 5068] newfstatat(4, "", [pid 5938] <... exit_group resumed>) = ? [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./8/bus") = 0 [pid 5938] +++ exited with 0 +++ [pid 5068] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5959] <... munmap resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5938, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=42 /* 0.42 s */} --- [pid 5068] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5959] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5959] <... openat resumed>) = 4 [pid 5068] unlink("./8/binderfs" [pid 5067] <... restart_syscall resumed>) = 0 [ 91.277104][ T5941] BTRFS info (device loop5): enabling ssd optimizations [ 91.310324][ T5941] BTRFS info (device loop5): rebuilding free space tree [pid 5068] <... unlink resumed>) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5067] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./8" [pid 5959] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5940] <... pwrite64 resumed>) = 1 [pid 5067] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5940] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5067] <... openat resumed>) = 3 [pid 5068] <... rmdir resumed>) = 0 [pid 5940] <... openat resumed>) = 5 [pid 5067] newfstatat(3, "", [pid 5068] mkdir("./9", 0777 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5067] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5940] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] <... openat resumed>) = 3 [pid 5940] <... write resumed>) = 65191 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5940] ftruncate(5, 43006 [pid 5068] close(3 [pid 5940] <... ftruncate resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5940] exit_group(0./strace-static-x86_64: Process 6038 attached [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 6038 [pid 5940] <... exit_group resumed>) = ? [pid 6038] set_robust_list(0x555556d0c660, 24) = 0 [pid 5959] <... ioctl resumed>) = 0 [pid 5940] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5940, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=35 /* 0.35 s */} --- [ 91.342565][ T5959] loop1: detected capacity change from 0 to 32768 [pid 6038] chdir("./9" [pid 5069] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6038] <... chdir resumed>) = 0 [pid 6038] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5959] close(3 [pid 6038] <... prctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5959] <... close resumed>) = 0 [pid 6038] setpgid(0, 0 [pid 5959] mkdir("./bus", 0777 [pid 6038] <... setpgid resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6038] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5959] <... mkdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6038] <... openat resumed>) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6038] write(3, "1000", 4 [pid 5959] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6038] <... write resumed>) = 4 [pid 5069] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6038] close(3) = 0 [pid 6038] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4 [pid 6038] <... symlink resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6038] memfd_create("syzkaller", 0 [pid 5065] rmdir("./9/bus" [pid 6038] <... memfd_create resumed>) = 3 [pid 5065] <... rmdir resumed>) = 0 [pid 6038] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 91.384249][ T5941] BTRFS info (device loop5): disabling free space tree [ 91.406554][ T5959] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (5959) [ 91.420025][ T5941] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5065] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./9/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./9") = 0 [pid 5065] mkdir("./10", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6039 ./strace-static-x86_64: Process 6039 attached [pid 6039] set_robust_list(0x555556d0c660, 24) = 0 [pid 6039] chdir("./10") = 0 [pid 6039] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6039] setpgid(0, 0) = 0 [pid 6039] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6039] write(3, "1000", 4) = 4 [pid 6039] close(3) = 0 [pid 6039] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6039] memfd_create("syzkaller", 0) = 3 [pid 6039] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5067] <... umount2 resumed>) = 0 [ 91.482821][ T5941] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 91.483918][ T5959] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 5067] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./9/bus") = 0 [pid 5067] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5941] <... mount resumed>) = 0 [pid 5941] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5941] chdir("./bus") = 0 [pid 5941] ioctl(4, LOOP_CLR_FD) = 0 [pid 5941] close(4) = 0 [pid 5941] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5941] pwrite64(4, "2", 1, 55022 [pid 5067] unlink("./9/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5941] <... pwrite64 resumed>) = 1 [pid 5941] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5941] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5941] ftruncate(5, 43006) = 0 [pid 5941] exit_group(0) = ? [pid 5941] +++ exited with 0 +++ [pid 5067] close(3) = 0 [pid 5067] rmdir("./9" [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=40 /* 0.40 s */} --- [pid 5067] <... rmdir resumed>) = 0 [pid 5070] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 91.612664][ T5959] BTRFS info (device loop1): enabling auto defrag [ 91.619150][ T5959] BTRFS info (device loop1): enabling disk space caching [pid 5070] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] mkdir("./10", 0777 [pid 5070] newfstatat(3, "", [pid 5067] <... mkdir resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5070] getdents64(3, [pid 5069] <... umount2 resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5069] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... ioctl resumed>) = 0 [pid 5067] close(3) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] newfstatat(AT_FDCWD, "./8/bus", [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6042 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6042 attached [pid 5069] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6042] set_robust_list(0x555556d0c660, 24) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5069] newfstatat(4, "", [pid 6042] chdir("./10" [pid 5070] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [ 91.673687][ T5959] BTRFS info (device loop1): max_inline at 0 [ 91.680462][ T5959] BTRFS info (device loop1): force clearing of disk cache [pid 5069] getdents64(4, [pid 6042] <... chdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 6042] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] rmdir("./8/bus" [pid 6042] setpgid(0, 0 [pid 5069] <... rmdir resumed>) = 0 [pid 6042] <... setpgid resumed>) = 0 [pid 6042] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6042] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./8/binderfs", [pid 6042] write(3, "1000", 4) = 4 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 91.737329][ T5959] BTRFS info (device loop1): turning on sync discard [pid 6042] close(3 [pid 5069] unlink("./8/binderfs" [pid 6042] <... close resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5069] getdents64(3, [pid 6042] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 6042] memfd_create("syzkaller", 0 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./8") = 0 [pid 5069] mkdir("./9", 0777 [pid 6042] <... memfd_create resumed>) = 3 [pid 5069] <... mkdir resumed>) = 0 [pid 6042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6038] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [ 91.793657][ T5959] BTRFS info (device loop1): disk space caching is enabled [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6046 ./strace-static-x86_64: Process 6046 attached [pid 6046] set_robust_list(0x555556d0c660, 24) = 0 [pid 6046] chdir("./9") = 0 [pid 6046] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6046] setpgid(0, 0) = 0 [pid 6046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6046] write(3, "1000", 4) = 4 [pid 6046] close(3) = 0 [pid 6046] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6046] memfd_create("syzkaller", 0) = 3 [pid 6039] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... umount2 resumed>) = 0 [pid 6046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./8/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./8/bus") = 0 [pid 5070] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6042] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./8/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./8") = 0 [pid 5070] mkdir("./9", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6057 attached [pid 6057] set_robust_list(0x555556d0c660, 24) = 0 [pid 6057] chdir("./9") = 0 [pid 6057] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6046] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 6057 [pid 6057] <... prctl resumed>) = 0 [pid 6057] setpgid(0, 0) = 0 [pid 6057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6057] write(3, "1000", 4) = 4 [pid 6057] close(3) = 0 [pid 6057] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6057] memfd_create("syzkaller", 0) = 3 [pid 6057] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 92.291674][ T5959] BTRFS info (device loop1): enabling ssd optimizations [ 92.345824][ T5959] BTRFS info (device loop1): rebuilding free space tree [pid 6038] <... write resumed>) = 16777216 [pid 6038] munmap(0x7f716ab16000, 138412032 [pid 6042] <... write resumed>) = 16777216 [pid 6042] munmap(0x7f716ab16000, 138412032 [pid 6038] <... munmap resumed>) = 0 [pid 6042] <... munmap resumed>) = 0 [ 92.452718][ T5959] BTRFS info (device loop1): disabling free space tree [ 92.459667][ T5959] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6038] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6042] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6038] ioctl(4, LOOP_SET_FD, 3 [pid 6042] <... openat resumed>) = 4 [pid 6042] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6038] <... ioctl resumed>) = 0 [pid 6038] close(3) = 0 [pid 6038] mkdir("./bus", 0777) = 0 [ 92.519122][ T6038] loop3: detected capacity change from 0 to 32768 [ 92.550991][ T6042] loop2: detected capacity change from 0 to 32768 [pid 6038] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6042] close(3) = 0 [pid 6042] mkdir("./bus", 0777) = 0 [ 92.571661][ T5959] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 92.584741][ T6038] BTRFS: device /dev/loop3 using temp-fsid e163c8d5-2ff9-4ede-84fa-2ec6b1fa1820 [pid 6042] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6057] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5959] <... mount resumed>) = 0 [pid 5959] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5959] chdir("./bus") = 0 [pid 5959] ioctl(4, LOOP_CLR_FD) = 0 [pid 5959] close(4) = 0 [ 92.629703][ T6038] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6038) [pid 5959] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5959] pwrite64(4, "2", 1, 55022) = 1 [pid 5959] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5959] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5959] ftruncate(5, 43006) = 0 [pid 5959] exit_group(0) = ? [pid 5959] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5959, si_uid=0, si_status=0, si_utime=0, si_stime=35 /* 0.35 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5066] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 92.722550][ T6042] BTRFS: device /dev/loop2 using temp-fsid 503df94e-251d-4ffd-9fff-f96183b71e9a [ 92.738192][ T6038] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 92.778694][ T6038] BTRFS info (device loop3): enabling auto defrag [ 92.780263][ T6042] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6042) [ 92.816011][ T6038] BTRFS info (device loop3): enabling disk space caching [ 92.842405][ T6038] BTRFS info (device loop3): max_inline at 0 [ 92.848494][ T6038] BTRFS info (device loop3): force clearing of disk cache [ 92.880661][ T6042] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [pid 5066] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6039] <... write resumed>) = 16777216 [ 92.889124][ T6042] BTRFS info (device loop2): enabling auto defrag [ 92.901058][ T6038] BTRFS info (device loop3): turning on sync discard [pid 6039] munmap(0x7f716ab16000, 138412032 [pid 6046] <... write resumed>) = 16777216 [pid 6039] <... munmap resumed>) = 0 [pid 6046] munmap(0x7f716ab16000, 138412032 [pid 6039] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6046] <... munmap resumed>) = 0 [pid 6039] <... openat resumed>) = 4 [ 92.937818][ T6038] BTRFS info (device loop3): disk space caching is enabled [ 92.953882][ T6042] BTRFS info (device loop2): enabling disk space caching [ 92.963382][ T6039] loop0: detected capacity change from 0 to 32768 [pid 6039] ioctl(4, LOOP_SET_FD, 3 [pid 6046] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6039] <... ioctl resumed>) = 0 [pid 6039] close(3) = 0 [pid 6039] mkdir("./bus", 0777) = 0 [pid 6046] ioctl(4, LOOP_SET_FD, 3 [pid 6039] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6046] <... ioctl resumed>) = 0 [pid 6046] close(3) = 0 [pid 6046] mkdir("./bus", 0777) = 0 [pid 6046] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [ 92.982767][ T6042] BTRFS info (device loop2): max_inline at 0 [ 92.997445][ T6046] loop4: detected capacity change from 0 to 32768 [ 93.006507][ T6039] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6039) [ 93.022822][ T6042] BTRFS info (device loop2): force clearing of disk cache [ 93.029946][ T6042] BTRFS info (device loop2): turning on sync discard [pid 5066] rmdir("./9/bus") = 0 [pid 5066] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./9/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./9") = 0 [pid 5066] mkdir("./10", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6079 attached [pid 6079] set_robust_list(0x555556d0c660, 24) = 0 [pid 6079] chdir("./10") = 0 [pid 6079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6079] setpgid(0, 0) = 0 [pid 6079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 93.089420][ T6046] BTRFS: device /dev/loop4 using temp-fsid 9a9d380e-4d78-4cc3-a0db-99730e3e8967 [ 93.091329][ T6042] BTRFS info (device loop2): disk space caching is enabled [ 93.109113][ T6046] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6046) [ 93.124038][ T6039] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [pid 6079] write(3, "1000", 4) = 4 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 6079 [pid 6079] close(3) = 0 [pid 6079] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6079] memfd_create("syzkaller", 0) = 3 [pid 6079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 93.170621][ T6039] BTRFS info (device loop0): enabling auto defrag [ 93.177815][ T6039] BTRFS info (device loop0): enabling disk space caching [ 93.188982][ T6039] BTRFS info (device loop0): max_inline at 0 [ 93.195591][ T6039] BTRFS info (device loop0): force clearing of disk cache [ 93.202891][ T6039] BTRFS info (device loop0): turning on sync discard [ 93.209595][ T6039] BTRFS info (device loop0): disk space caching is enabled [pid 6057] <... write resumed>) = 16777216 [pid 6057] munmap(0x7f716ab16000, 138412032) = 0 [pid 6057] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 93.244050][ T6046] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 93.255632][ T6038] BTRFS info (device loop3): enabling ssd optimizations [ 93.271425][ T6038] BTRFS info (device loop3): rebuilding free space tree [ 93.280620][ T6046] BTRFS info (device loop4): enabling auto defrag [pid 6057] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6057] close(3) = 0 [ 93.287580][ T6046] BTRFS info (device loop4): enabling disk space caching [ 93.296166][ T6046] BTRFS info (device loop4): max_inline at 0 [ 93.302354][ T6057] loop5: detected capacity change from 0 to 32768 [ 93.303639][ T6046] BTRFS info (device loop4): force clearing of disk cache [pid 6057] mkdir("./bus", 0777) = 0 [pid 6057] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6038] <... mount resumed>) = 0 [pid 6038] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6038] chdir("./bus") = 0 [pid 6038] ioctl(4, LOOP_CLR_FD) = 0 [pid 6038] close(4) = 0 [pid 6038] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6038] pwrite64(4, "2", 1, 55022) = 1 [pid 6038] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [ 93.359843][ T6057] BTRFS: device /dev/loop5 using temp-fsid 31f33fa0-c66c-4de2-b848-185a396e4e51 [pid 6079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6038] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6038] ftruncate(5, 43006) = 0 [pid 6038] exit_group(0) = ? [pid 6038] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6038, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=29 /* 0.29 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 93.421092][ T6057] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6057) [pid 5068] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6042] <... mount resumed>) = 0 [pid 5068] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6042] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6042] chdir("./bus") = 0 [pid 6042] ioctl(4, LOOP_CLR_FD) = 0 [pid 6042] close(4) = 0 [pid 6042] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6042] pwrite64(4, "2", 1, 55022) = 1 [pid 6042] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6042] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6042] ftruncate(5, 43006) = 0 [pid 6042] exit_group(0 [pid 6039] <... mount resumed>) = 0 [pid 6039] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6039] chdir("./bus") = 0 [pid 6039] ioctl(4, LOOP_CLR_FD) = 0 [pid 6039] close(4) = 0 [pid 6039] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6042] <... exit_group resumed>) = ? [pid 6039] pwrite64(4, "2", 1, 55022 [pid 6042] +++ exited with 0 +++ [pid 6046] <... mount resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6042, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=31 /* 0.31 s */} --- [pid 6046] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6079] <... write resumed>) = 16777216 [pid 6046] <... openat resumed>) = 3 [pid 5067] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6079] munmap(0x7f716ab16000, 138412032 [pid 6046] chdir("./bus" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6046] <... chdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6046] ioctl(4, LOOP_CLR_FD [pid 5067] <... openat resumed>) = 3 [pid 6046] <... ioctl resumed>) = 0 [pid 5067] newfstatat(3, "", [pid 6046] close(4 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6046] <... close resumed>) = 0 [pid 5067] getdents64(3, [pid 6046] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6046] <... open resumed>) = 4 [pid 6039] <... pwrite64 resumed>) = 1 [pid 5067] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6039] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6039] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6079] <... munmap resumed>) = 0 [pid 6079] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6046] pwrite64(4, "2", 1, 55022 [pid 6079] <... openat resumed>) = 4 [pid 6039] ftruncate(5, 43006 [pid 6079] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6079] close(3) = 0 [pid 6039] <... ftruncate resumed>) = 0 [pid 6079] mkdir("./bus", 0777 [pid 6046] <... pwrite64 resumed>) = 1 [pid 6039] exit_group(0) = ? [pid 6079] <... mkdir resumed>) = 0 [pid 6046] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6039] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6039, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 6046] <... openat resumed>) = 5 [ 93.721123][ T6079] loop1: detected capacity change from 0 to 32768 [pid 5065] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6079] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6046] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6046] <... write resumed>) = 65191 [pid 5065] <... openat resumed>) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, [pid 6046] ftruncate(5, 43006 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6046] <... ftruncate resumed>) = 0 [pid 6046] exit_group(0) = ? [pid 6046] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6046, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=32 /* 0.32 s */} --- [pid 5069] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = 0 [ 93.763110][ T6079] BTRFS: device /dev/loop1 using temp-fsid bd90bd8b-528c-40cd-a812-6523391104b1 [pid 5069] <... openat resumed>) = 3 [pid 5068] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./9/bus") = 0 [pid 5068] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./9/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./9") = 0 [pid 5068] mkdir("./10", 0777 [pid 5069] newfstatat(3, "", [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6057] <... mount resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6057] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6057] chdir("./bus") = 0 [pid 6057] ioctl(4, LOOP_CLR_FD) = 0 [pid 6057] close(4) = 0 [pid 5069] getdents64(3, [pid 6057] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5068] <... openat resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6057] pwrite64(4, "2", 1, 55022 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [ 93.840436][ T6079] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6079) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6146 ./strace-static-x86_64: Process 6146 attached [pid 6146] set_robust_list(0x555556d0c660, 24) = 0 [pid 6146] chdir("./10") = 0 [pid 6146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6146] setpgid(0, 0) = 0 [pid 6146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6146] write(3, "1000", 4 [pid 6057] <... pwrite64 resumed>) = 1 [pid 6057] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6146] <... write resumed>) = 4 [pid 6146] close(3) = 0 [pid 6146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6057] <... openat resumed>) = 5 [pid 6146] memfd_create("syzkaller", 0) = 3 [pid 6146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6057] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6057] ftruncate(5, 43006) = 0 [pid 6057] exit_group(0) = ? [pid 6057] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6057, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=22 /* 0.22 s */} --- [pid 5070] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(4, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] newfstatat(AT_FDCWD, "./9/bus", [pid 5065] close(4 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... close resumed>) = 0 [pid 5069] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] rmdir("./10/bus" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... rmdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 4 [pid 5065] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./10/binderfs" [pid 5069] newfstatat(4, "", [pid 5065] <... unlink resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, [pid 5069] getdents64(4, [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] close(3 [pid 5069] getdents64(4, [pid 5065] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] rmdir("./10" [pid 5069] close(4 [pid 5065] <... rmdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5065] mkdir("./11", 0777) = 0 [pid 5069] rmdir("./9/bus") = 0 [pid 5069] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... openat resumed>) = 3 [pid 5069] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... ioctl resumed>) = 0 [pid 5069] unlink("./9/binderfs" [pid 5065] close(3 [pid 5069] <... unlink resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 6163 [pid 5069] close(3) = 0 [pid 5069] rmdir("./9"./strace-static-x86_64: Process 6163 attached ) = 0 [pid 6163] set_robust_list(0x555556d0c660, 24 [pid 5069] mkdir("./10", 0777) = 0 [pid 6163] <... set_robust_list resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6163] chdir("./11" [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6165 attached [pid 6165] set_robust_list(0x555556d0c660, 24 [pid 6163] <... chdir resumed>) = 0 [pid 6163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6163] setpgid(0, 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 6165 [pid 6163] <... setpgid resumed>) = 0 [pid 6163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6165] <... set_robust_list resumed>) = 0 [pid 6163] write(3, "1000", 4) = 4 [pid 6163] close(3 [pid 6165] chdir("./10" [pid 6163] <... close resumed>) = 0 [pid 6165] <... chdir resumed>) = 0 [pid 6165] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6165] setpgid(0, 0) = 0 [pid 6163] symlink("/dev/binderfs", "./binderfs" [pid 6165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6163] <... symlink resumed>) = 0 [pid 6163] memfd_create("syzkaller", 0 [pid 6165] <... openat resumed>) = 3 [pid 6163] <... memfd_create resumed>) = 3 [pid 6165] write(3, "1000", 4) = 4 [pid 6165] close(3) = 0 [pid 6163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6165] symlink("/dev/binderfs", "./binderfs" [pid 6163] <... mmap resumed>) = 0x7f716ab16000 [pid 6165] <... symlink resumed>) = 0 [pid 6165] memfd_create("syzkaller", 0) = 3 [pid 6165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./9/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./9/bus") = 0 [pid 5070] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./9/binderfs") = 0 [pid 6079] <... mount resumed>) = 0 [pid 6079] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5070] getdents64(3, [pid 6079] chdir("./bus" [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./9") = 0 [pid 6079] <... chdir resumed>) = 0 [pid 6079] ioctl(4, LOOP_CLR_FD) = 0 [pid 5070] mkdir("./10", 0777 [pid 6079] close(4 [pid 5070] <... mkdir resumed>) = 0 [pid 6079] <... close resumed>) = 0 [pid 6079] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 6079] <... open resumed>) = 4 [pid 5070] <... ioctl resumed>) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6079] pwrite64(4, "2", 1, 55022 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 6167 ./strace-static-x86_64: Process 6167 attached [pid 6167] set_robust_list(0x555556d0c660, 24) = 0 [pid 6167] chdir("./10") = 0 [pid 6167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6167] setpgid(0, 0) = 0 [pid 6167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6167] write(3, "1000", 4) = 4 [pid 6167] close(3) = 0 [pid 6167] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6167] memfd_create("syzkaller", 0) = 3 [pid 6167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6079] <... pwrite64 resumed>) = 1 [pid 6079] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6079] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6079] ftruncate(5, 43006) = 0 [pid 6079] exit_group(0) = ? [pid 6079] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6079, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5066] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./10/bus") = 0 [pid 5067] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./10/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./10") = 0 [pid 5067] mkdir("./11", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3 [pid 6165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5067] <... close resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6168 attached , child_tidptr=0x555556d0c650) = 6168 [pid 6168] set_robust_list(0x555556d0c660, 24) = 0 [pid 6168] chdir("./11") = 0 [pid 6168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6168] setpgid(0, 0) = 0 [pid 6168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6168] write(3, "1000", 4) = 4 [pid 6168] close(3) = 0 [pid 6168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6168] memfd_create("syzkaller", 0) = 3 [pid 6168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6146] <... write resumed>) = 16777216 [pid 5066] <... openat resumed>) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./10/bus") = 0 [pid 5066] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./10/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./10") = 0 [pid 5066] mkdir("./11", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6169 ./strace-static-x86_64: Process 6169 attached [pid 6146] munmap(0x7f716ab16000, 138412032 [pid 6169] set_robust_list(0x555556d0c660, 24) = 0 [pid 6169] chdir("./11") = 0 [pid 6146] <... munmap resumed>) = 0 [pid 6169] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6146] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6169] <... prctl resumed>) = 0 [pid 6169] setpgid(0, 0 [pid 6146] <... openat resumed>) = 4 [pid 6169] <... setpgid resumed>) = 0 [pid 6146] ioctl(4, LOOP_SET_FD, 3 [pid 6169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6169] write(3, "1000", 4) = 4 [pid 6169] close(3) = 0 [pid 6169] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6146] <... ioctl resumed>) = 0 [pid 6146] close(3) = 0 [pid 6169] memfd_create("syzkaller", 0 [pid 6146] mkdir("./bus", 0777 [pid 6169] <... memfd_create resumed>) = 3 [pid 6146] <... mkdir resumed>) = 0 [ 95.101818][ T6146] loop3: detected capacity change from 0 to 32768 [pid 6169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6146] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6169] <... mmap resumed>) = 0x7f716ab16000 [ 95.157973][ T6146] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6146) [pid 6168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6165] <... write resumed>) = 16777216 [pid 6163] <... write resumed>) = 16777216 [pid 6167] <... write resumed>) = 16777216 [pid 6167] munmap(0x7f716ab16000, 138412032 [pid 6169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6165] munmap(0x7f716ab16000, 138412032 [pid 6167] <... munmap resumed>) = 0 [pid 6165] <... munmap resumed>) = 0 [pid 6163] munmap(0x7f716ab16000, 138412032 [pid 6167] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6163] <... munmap resumed>) = 0 [pid 6167] <... openat resumed>) = 4 [pid 6167] ioctl(4, LOOP_SET_FD, 3 [pid 6165] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6165] ioctl(4, LOOP_SET_FD, 3 [pid 6163] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6165] <... ioctl resumed>) = 0 [pid 6163] <... openat resumed>) = 4 [pid 6163] ioctl(4, LOOP_SET_FD, 3 [pid 6167] <... ioctl resumed>) = 0 [pid 6167] close(3) = 0 [pid 6167] mkdir("./bus", 0777) = 0 [ 95.437735][ T6167] loop5: detected capacity change from 0 to 32768 [ 95.461011][ T6165] loop4: detected capacity change from 0 to 32768 [ 95.469869][ T6163] loop0: detected capacity change from 0 to 32768 [pid 6167] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6165] close(3) = 0 [pid 6163] <... ioctl resumed>) = 0 [pid 6163] close(3) = 0 [pid 6163] mkdir("./bus", 0777) = 0 [pid 6165] mkdir("./bus", 0777 [pid 6163] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6165] <... mkdir resumed>) = 0 [ 95.496205][ T6167] BTRFS: device /dev/loop5 using temp-fsid 723fb3e7-69c1-4809-88bd-7d1211ad6168 [ 95.511300][ T6146] _btrfs_printk: 51 callbacks suppressed [ 95.511312][ T6146] BTRFS info (device loop3): enabling ssd optimizations [ 95.536293][ T6146] BTRFS info (device loop3): rebuilding free space tree [ 95.540125][ T6167] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6167) [ 95.580566][ T6146] BTRFS info (device loop3): disabling free space tree [pid 6165] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6168] <... write resumed>) = 16777216 [ 95.587652][ T6146] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 95.610587][ T6146] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 95.633937][ T6167] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [pid 6168] munmap(0x7f716ab16000, 138412032) = 0 [pid 6168] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 95.635001][ T6163] BTRFS: device /dev/loop0 using temp-fsid d2f06c6c-c63e-4395-a503-92ef9b8dc04c [ 95.650564][ T6167] BTRFS info (device loop5): enabling auto defrag [ 95.657964][ T6163] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6163) [ 95.670575][ T6167] BTRFS info (device loop5): enabling disk space caching [ 95.679387][ T6167] BTRFS info (device loop5): max_inline at 0 [ 95.686630][ T6168] loop2: detected capacity change from 0 to 32768 [pid 6168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6168] close(3) = 0 [pid 6168] mkdir("./bus", 0777 [pid 6146] <... mount resumed>) = 0 [pid 6146] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6168] <... mkdir resumed>) = 0 [ 95.693602][ T6167] BTRFS info (device loop5): force clearing of disk cache [ 95.698788][ T6163] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 95.701413][ T6167] BTRFS info (device loop5): turning on sync discard [ 95.710261][ T6163] BTRFS info (device loop0): enabling auto defrag [ 95.716578][ T6165] BTRFS: device /dev/loop4 using temp-fsid 87eb2e9b-ad9b-48c6-8191-c8efbf1111c1 [ 95.733072][ T6165] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6165) [pid 6146] chdir("./bus") = 0 [pid 6168] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6146] ioctl(4, LOOP_CLR_FD) = 0 [pid 6146] close(4) = 0 [ 95.747286][ T6167] BTRFS info (device loop5): disk space caching is enabled [ 95.760752][ T6168] BTRFS: device /dev/loop2 using temp-fsid a638aaa6-0851-4af8-a74a-3a771e2d9957 [ 95.769834][ T6168] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6168) [ 95.783907][ T6165] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 95.785480][ T6163] BTRFS info (device loop0): enabling disk space caching [pid 6146] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 95.799442][ T6163] BTRFS info (device loop0): max_inline at 0 [ 95.810112][ T6165] BTRFS info (device loop4): enabling auto defrag [ 95.811567][ T6163] BTRFS info (device loop0): force clearing of disk cache [ 95.834087][ T6165] BTRFS info (device loop4): enabling disk space caching [ 95.840696][ T6168] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [pid 6146] pwrite64(4, "2", 1, 55022) = 1 [pid 6146] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [ 95.849580][ T6168] BTRFS info (device loop2): enabling auto defrag [ 95.854305][ T6163] BTRFS info (device loop0): turning on sync discard [ 95.856619][ T6168] BTRFS info (device loop2): enabling disk space caching [ 95.870553][ T6168] BTRFS info (device loop2): max_inline at 0 [ 95.877124][ T6168] BTRFS info (device loop2): force clearing of disk cache [ 95.881203][ T6165] BTRFS info (device loop4): max_inline at 0 [ 95.884960][ T6168] BTRFS info (device loop2): turning on sync discard [pid 6146] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6146] ftruncate(5, 43006) = 0 [ 95.897429][ T6168] BTRFS info (device loop2): disk space caching is enabled [ 95.905606][ T6163] BTRFS info (device loop0): disk space caching is enabled [ 95.906808][ T6165] BTRFS info (device loop4): force clearing of disk cache [ 95.932955][ T6167] BTRFS info (device loop5): enabling ssd optimizations [ 95.940601][ T6165] BTRFS info (device loop4): turning on sync discard [pid 6146] exit_group(0) = ? [pid 6169] <... write resumed>) = 16777216 [pid 6146] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6146, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=27 /* 0.27 s */} --- [pid 5068] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6169] munmap(0x7f716ab16000, 138412032 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6169] <... munmap resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 95.947309][ T6165] BTRFS info (device loop4): disk space caching is enabled [ 95.965992][ T6167] BTRFS info (device loop5): rebuilding free space tree [ 95.988897][ T6167] BTRFS info (device loop5): disabling free space tree [pid 5068] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6169] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6169] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6167] <... mount resumed>) = 0 [pid 6167] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6167] chdir("./bus") = 0 [pid 6167] ioctl(4, LOOP_CLR_FD) = 0 [pid 6167] close(4) = 0 [ 95.996620][ T6167] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 96.007422][ T6167] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 96.008323][ T6163] BTRFS info (device loop0): enabling ssd optimizations [ 96.030115][ T6169] loop1: detected capacity change from 0 to 32768 [ 96.039173][ T6163] BTRFS info (device loop0): rebuilding free space tree [pid 6167] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6169] close(3) = 0 [pid 6169] mkdir("./bus", 0777) = 0 [pid 6167] pwrite64(4, "2", 1, 55022 [ 96.070677][ T6168] BTRFS info (device loop2): enabling ssd optimizations [ 96.072702][ T6165] BTRFS info (device loop4): enabling ssd optimizations [ 96.085709][ T6169] BTRFS: device /dev/loop1 using temp-fsid aed7b62d-dd9a-41f1-82c3-4ede141370a6 [ 96.089293][ T6165] BTRFS info (device loop4): rebuilding free space tree [ 96.095084][ T6169] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6169) [pid 6169] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6167] <... pwrite64 resumed>) = 1 [pid 6167] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6167] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6167] ftruncate(5, 43006) = 0 [pid 6167] exit_group(0) = ? [pid 6167] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6167, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5070] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 96.123965][ T6163] BTRFS info (device loop0): disabling free space tree [ 96.141335][ T6168] BTRFS info (device loop2): rebuilding free space tree [ 96.175464][ T6168] BTRFS info (device loop2): disabling free space tree [ 96.186727][ T6169] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 96.190911][ T6168] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 96.199778][ T6163] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 96.233527][ T6169] BTRFS info (device loop1): enabling auto defrag [ 96.235571][ T6165] BTRFS info (device loop4): disabling free space tree [ 96.243253][ T6169] BTRFS info (device loop1): enabling disk space caching [ 96.260024][ T6168] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 96.260332][ T6163] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5070] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6165] <... mount resumed>) = 0 [pid 6165] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6168] <... mount resumed>) = 0 [pid 6168] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6165] <... openat resumed>) = 3 [pid 6168] chdir("./bus") = 0 [pid 6168] ioctl(4, LOOP_CLR_FD) = 0 [pid 6168] close(4) = 0 [ 96.282668][ T6169] BTRFS info (device loop1): max_inline at 0 [ 96.289856][ T6165] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 96.305638][ T6165] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 96.308804][ T6169] BTRFS info (device loop1): force clearing of disk cache [pid 6168] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6165] chdir("./bus" [pid 5070] <... umount2 resumed>) = 0 [pid 6165] <... chdir resumed>) = 0 [pid 6165] ioctl(4, LOOP_CLR_FD [pid 5070] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6165] <... ioctl resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6168] pwrite64(4, "2", 1, 55022 [pid 5070] newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6165] close(4 [pid 6168] <... pwrite64 resumed>) = 1 [pid 6165] <... close resumed>) = 0 [pid 5070] getdents64(4, [pid 6165] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./10/bus" [pid 6165] <... open resumed>) = 4 [pid 5070] <... rmdir resumed>) = 0 [pid 5070] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6165] pwrite64(4, "2", 1, 55022 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6168] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5070] newfstatat(AT_FDCWD, "./10/binderfs", [pid 6168] <... openat resumed>) = 5 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./10/binderfs") = 0 [pid 6168] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] getdents64(3, [pid 6168] <... write resumed>) = 65191 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3 [pid 6168] ftruncate(5, 43006 [pid 5070] <... close resumed>) = 0 [pid 5070] rmdir("./10" [pid 6165] <... pwrite64 resumed>) = 1 [pid 5070] <... rmdir resumed>) = 0 [pid 6168] <... ftruncate resumed>) = 0 [pid 6165] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5070] mkdir("./11", 0777) = 0 [pid 6168] exit_group(0 [pid 6165] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3 [pid 6168] <... exit_group resumed>) = ? [pid 6165] <... write resumed>) = 65191 [pid 5070] <... close resumed>) = 0 [pid 6168] +++ exited with 0 +++ [pid 6165] ftruncate(5, 43006 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6248 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6168, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=31 /* 0.31 s */} --- ./strace-static-x86_64: Process 6248 attached [pid 5067] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6248] set_robust_list(0x555556d0c660, 24 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6248] <... set_robust_list resumed>) = 0 [pid 6248] chdir("./11") = 0 [pid 5067] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6248] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... openat resumed>) = 3 [pid 6248] <... prctl resumed>) = 0 [pid 6248] setpgid(0, 0 [pid 5067] newfstatat(3, "", [pid 6248] <... setpgid resumed>) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6165] <... ftruncate resumed>) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6248] <... openat resumed>) = 3 [pid 6165] exit_group(0 [pid 6163] <... mount resumed>) = 0 [pid 6165] <... exit_group resumed>) = ? [pid 6163] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6163] chdir("./bus") = 0 [pid 6163] ioctl(4, LOOP_CLR_FD [pid 6248] write(3, "1000", 4 [pid 6165] +++ exited with 0 +++ [pid 6163] <... ioctl resumed>) = 0 [pid 6248] <... write resumed>) = 4 [pid 6163] close(4 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6165, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=30 /* 0.30 s */} --- [pid 5069] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6248] close(3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6248] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6248] symlink("/dev/binderfs", "./binderfs" [pid 5069] <... openat resumed>) = 3 [ 96.393892][ T6169] BTRFS info (device loop1): turning on sync discard [ 96.427917][ T6169] BTRFS info (device loop1): disk space caching is enabled [pid 6248] <... symlink resumed>) = 0 [pid 5069] newfstatat(3, "", [pid 6248] memfd_create("syzkaller", 0) = 3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6248] <... mmap resumed>) = 0x7f716ab16000 [pid 6163] <... close resumed>) = 0 [pid 6163] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6163] pwrite64(4, "2", 1, 55022) = 1 [pid 6163] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6163] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6163] ftruncate(5, 43006) = 0 [pid 6163] exit_group(0) = ? [pid 6163] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6163, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=50 /* 0.50 s */} --- [pid 5065] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 96.640929][ T6169] BTRFS info (device loop1): enabling ssd optimizations [ 96.654558][ T6169] BTRFS info (device loop1): rebuilding free space tree [ 96.685560][ T6169] BTRFS info (device loop1): disabling free space tree [ 96.730878][ T6169] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5065] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5067] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./11/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5069] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] newfstatat(4, "", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 96.771358][ T6169] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] <... openat resumed>) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, [pid 5068] <... umount2 resumed>) = 0 [pid 5069] getdents64(4, [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] close(4 [pid 5068] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./10/bus", [pid 5069] getdents64(4, [pid 5067] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] rmdir("./11/bus" [pid 5069] close(4 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./10/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... rmdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./10/bus" [pid 5068] <... openat resumed>) = 4 [pid 5067] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, [pid 5069] <... rmdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] unlink("./10/binderfs" [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(4, [pid 5065] newfstatat(AT_FDCWD, "./11/bus", [pid 5069] <... unlink resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] close(4 [pid 5065] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] rmdir("./10/bus" [pid 5065] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, [pid 5067] unlink("./11/binderfs" [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5069] close(3 [pid 5067] getdents64(3, [pid 5068] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] newfstatat(4, "", [pid 5069] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] rmdir("./10" [pid 5067] close(3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... close resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5065] getdents64(4, [pid 5069] <... rmdir resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] rmdir("./11" [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] mkdir("./11", 0777 [pid 5068] unlink("./10/binderfs" [pid 5065] getdents64(4, [pid 5068] <... unlink resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(3, [pid 5065] close(4 [pid 6248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6169] <... mount resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] mkdir("./12", 0777 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./11/bus" [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5065] <... rmdir resumed>) = 0 [pid 5068] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./10" [pid 6169] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] <... rmdir resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... ioctl resumed>) = 0 [pid 5069] close(3 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6169] <... openat resumed>) = 3 [pid 5065] newfstatat(AT_FDCWD, "./11/binderfs", [pid 6169] chdir("./bus" [pid 5069] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./11/binderfs" [pid 6169] <... chdir resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] <... unlink resumed>) = 0 [pid 5068] mkdir("./11", 0777 [pid 5067] <... ioctl resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./11"./strace-static-x86_64: Process 6267 attached [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5067] close(3 [pid 5065] <... rmdir resumed>) = 0 [pid 6267] set_robust_list(0x555556d0c660, 24 [pid 6169] ioctl(4, LOOP_CLR_FD [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 6267 [pid 5067] <... close resumed>) = 0 [pid 6267] <... set_robust_list resumed>) = 0 [pid 6169] <... ioctl resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] mkdir("./12", 0777 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5065] <... mkdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] close(3 [pid 5065] <... openat resumed>) = 3 [pid 6267] chdir("./11" [pid 6169] close(4 [pid 5068] <... close resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6268 attached [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6268 [pid 6267] <... chdir resumed>) = 0 [pid 6169] <... close resumed>) = 0 [pid 6169] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6268] set_robust_list(0x555556d0c660, 24 [pid 5065] <... ioctl resumed>) = 0 [pid 6268] <... set_robust_list resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] close(3 [pid 6268] chdir("./12" [pid 6267] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6169] <... open resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 6267] <... prctl resumed>) = 0 [pid 6268] <... chdir resumed>) = 0 [pid 6267] setpgid(0, 0 [pid 6169] pwrite64(4, "2", 1, 55022 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 6269 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6269 attached [pid 6268] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6269] set_robust_list(0x555556d0c660, 24 [pid 6268] <... prctl resumed>) = 0 [pid 6269] <... set_robust_list resumed>) = 0 [pid 6268] setpgid(0, 0 [pid 6269] chdir("./11" [pid 6268] <... setpgid resumed>) = 0 [pid 6267] <... setpgid resumed>) = 0 [pid 6269] <... chdir resumed>) = 0 [pid 6268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6269] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6268] <... openat resumed>) = 3 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 6270 [pid 6269] <... prctl resumed>) = 0 [pid 6268] write(3, "1000", 4./strace-static-x86_64: Process 6270 attached [pid 6269] setpgid(0, 0 [pid 6268] <... write resumed>) = 4 [pid 6270] set_robust_list(0x555556d0c660, 24 [pid 6269] <... setpgid resumed>) = 0 [pid 6268] close(3 [pid 6270] <... set_robust_list resumed>) = 0 [pid 6269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6268] <... close resumed>) = 0 [pid 6270] chdir("./12" [pid 6269] <... openat resumed>) = 3 [pid 6268] symlink("/dev/binderfs", "./binderfs" [pid 6270] <... chdir resumed>) = 0 [pid 6269] write(3, "1000", 4 [pid 6268] <... symlink resumed>) = 0 [pid 6270] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6269] <... write resumed>) = 4 [pid 6268] memfd_create("syzkaller", 0 [pid 6267] <... openat resumed>) = 3 [pid 6270] <... prctl resumed>) = 0 [pid 6269] close(3 [pid 6268] <... memfd_create resumed>) = 3 [pid 6267] write(3, "1000", 4 [pid 6270] setpgid(0, 0 [pid 6269] <... close resumed>) = 0 [pid 6169] <... pwrite64 resumed>) = 1 [pid 6269] symlink("/dev/binderfs", "./binderfs" [pid 6267] <... write resumed>) = 4 [pid 6169] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6270] <... setpgid resumed>) = 0 [pid 6269] <... symlink resumed>) = 0 [pid 6268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6269] memfd_create("syzkaller", 0 [pid 6268] <... mmap resumed>) = 0x7f716ab16000 [pid 6267] close(3 [pid 6169] <... openat resumed>) = 5 [pid 6267] <... close resumed>) = 0 [pid 6270] <... openat resumed>) = 3 [pid 6269] <... memfd_create resumed>) = 3 [pid 6267] symlink("/dev/binderfs", "./binderfs" [pid 6169] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6270] write(3, "1000", 4 [pid 6269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6267] <... symlink resumed>) = 0 [pid 6270] <... write resumed>) = 4 [pid 6269] <... mmap resumed>) = 0x7f716ab16000 [pid 6270] close(3 [pid 6169] <... write resumed>) = 65191 [pid 6270] <... close resumed>) = 0 [pid 6270] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6169] ftruncate(5, 43006 [pid 6270] memfd_create("syzkaller", 0) = 3 [pid 6270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6267] memfd_create("syzkaller", 0 [pid 6169] <... ftruncate resumed>) = 0 [pid 6169] exit_group(0) = ? [pid 6267] <... memfd_create resumed>) = 3 [pid 6169] +++ exited with 0 +++ [pid 6267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6169, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=34 /* 0.34 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 6267] <... mmap resumed>) = 0x7f716ab16000 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5066] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./11/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./11/bus") = 0 [pid 5066] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./11/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./11") = 0 [pid 5066] mkdir("./12", 0777 [pid 6269] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6272 attached [pid 6272] set_robust_list(0x555556d0c660, 24 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 6272 [pid 6272] <... set_robust_list resumed>) = 0 [pid 6270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6267] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6272] chdir("./12") = 0 [pid 6272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6272] setpgid(0, 0) = 0 [pid 6272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6272] write(3, "1000", 4) = 4 [pid 6272] close(3) = 0 [pid 6272] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6272] memfd_create("syzkaller", 0) = 3 [pid 6272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6248] <... write resumed>) = 16777216 [pid 6272] <... mmap resumed>) = 0x7f716ab16000 [pid 6248] munmap(0x7f716ab16000, 138412032) = 0 [pid 6248] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6248] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6248] close(3) = 0 [pid 6248] mkdir("./bus", 0777) = 0 [ 97.752501][ T6248] loop5: detected capacity change from 0 to 32768 [ 97.784398][ T6248] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6248) [pid 6248] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6268] <... write resumed>) = 16777216 [pid 6268] munmap(0x7f716ab16000, 138412032) = 0 [pid 6268] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6268] ioctl(4, LOOP_SET_FD, 3) = 0 [ 97.864060][ T6248] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 97.900930][ T6268] loop2: detected capacity change from 0 to 32768 [ 97.901972][ T6248] BTRFS info (device loop5): enabling auto defrag [pid 6268] close(3) = 0 [pid 6268] mkdir("./bus", 0777) = 0 [ 97.964793][ T6268] BTRFS: device /dev/loop2 using temp-fsid 074f455d-be84-4218-a8a5-1277b38f1a7c [ 97.975988][ T6248] BTRFS info (device loop5): enabling disk space caching [pid 6268] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 98.011663][ T6268] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6268) [ 98.012761][ T6248] BTRFS info (device loop5): max_inline at 0 [ 98.090681][ T6248] BTRFS info (device loop5): force clearing of disk cache [ 98.095022][ T6268] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 98.097945][ T6248] BTRFS info (device loop5): turning on sync discard [pid 6272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6267] <... write resumed>) = 16777216 [pid 6269] <... write resumed>) = 16777216 [pid 6267] munmap(0x7f716ab16000, 138412032 [pid 6269] munmap(0x7f716ab16000, 138412032 [pid 6267] <... munmap resumed>) = 0 [pid 6267] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 98.151848][ T6268] BTRFS info (device loop2): enabling auto defrag [ 98.153825][ T6248] BTRFS info (device loop5): disk space caching is enabled [ 98.167875][ T6268] BTRFS info (device loop2): enabling disk space caching [pid 6267] ioctl(4, LOOP_SET_FD, 3 [pid 6269] <... munmap resumed>) = 0 [pid 6270] <... write resumed>) = 16777216 [pid 6270] munmap(0x7f716ab16000, 138412032 [pid 6269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6270] <... munmap resumed>) = 0 [pid 6269] <... openat resumed>) = 4 [pid 6269] ioctl(4, LOOP_SET_FD, 3 [pid 6267] <... ioctl resumed>) = 0 [pid 6267] close(3) = 0 [pid 6267] mkdir("./bus", 0777) = 0 [ 98.204321][ T6267] loop4: detected capacity change from 0 to 32768 [ 98.212019][ T6268] BTRFS info (device loop2): max_inline at 0 [ 98.228163][ T6269] loop3: detected capacity change from 0 to 32768 [ 98.240652][ T6268] BTRFS info (device loop2): force clearing of disk cache [ 98.241087][ T6270] loop0: detected capacity change from 0 to 32768 [pid 6270] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6267] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6270] <... openat resumed>) = 4 [pid 6270] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6270] close(3 [pid 6269] <... ioctl resumed>) = 0 [pid 6270] <... close resumed>) = 0 [pid 6269] close(3 [pid 6270] mkdir("./bus", 0777 [pid 6269] <... close resumed>) = 0 [ 98.247788][ T6268] BTRFS info (device loop2): turning on sync discard [ 98.260931][ T6267] BTRFS: device /dev/loop4 using temp-fsid 0d96f308-0d83-4a51-827e-672a71c81508 [ 98.260985][ T6267] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6267) [ 98.284138][ T6268] BTRFS info (device loop2): disk space caching is enabled [pid 6270] <... mkdir resumed>) = 0 [pid 6269] mkdir("./bus", 0777 [pid 6270] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6269] <... mkdir resumed>) = 0 [ 98.298848][ T6267] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 98.310719][ T6270] BTRFS: device /dev/loop0 using temp-fsid 1589d8e7-ed2d-4f89-a8b4-a9bbcb28ea65 [ 98.319784][ T6270] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6270) [ 98.337641][ T6267] BTRFS info (device loop4): enabling auto defrag [pid 6269] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6272] <... write resumed>) = 16777216 [ 98.354568][ T6267] BTRFS info (device loop4): enabling disk space caching [ 98.363155][ T6267] BTRFS info (device loop4): max_inline at 0 [ 98.364237][ T6269] BTRFS: device /dev/loop3 using temp-fsid 02591cf9-cbb5-47ea-b4d8-f43ee3cb3bfe [ 98.379622][ T6267] BTRFS info (device loop4): force clearing of disk cache [ 98.388012][ T6267] BTRFS info (device loop4): turning on sync discard [ 98.392381][ T6270] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [pid 6272] munmap(0x7f716ab16000, 138412032) = 0 [pid 6272] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 98.404127][ T6267] BTRFS info (device loop4): disk space caching is enabled [ 98.404850][ T6269] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6269) [ 98.411714][ T6270] BTRFS info (device loop0): enabling auto defrag [ 98.431327][ T6270] BTRFS info (device loop0): enabling disk space caching [ 98.438439][ T6270] BTRFS info (device loop0): max_inline at 0 [ 98.447682][ T6272] loop1: detected capacity change from 0 to 32768 [pid 6272] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6272] close(3) = 0 [pid 6272] mkdir("./bus", 0777) = 0 [ 98.448719][ T6269] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 98.466462][ T6248] BTRFS info (device loop5): enabling ssd optimizations [ 98.474917][ T6248] BTRFS info (device loop5): rebuilding free space tree [ 98.476587][ T6272] BTRFS: device /dev/loop1 using temp-fsid 23ffc789-2b38-45cc-b10f-41cdbd70ba18 [ 98.483238][ T6270] BTRFS info (device loop0): force clearing of disk cache [ 98.501881][ T6270] BTRFS info (device loop0): turning on sync discard [ 98.502123][ T6269] BTRFS info (device loop3): enabling auto defrag [ 98.510960][ T6270] BTRFS info (device loop0): disk space caching is enabled [ 98.515589][ T6272] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6272) [ 98.534989][ T6268] BTRFS info (device loop2): enabling ssd optimizations [ 98.538424][ T6269] BTRFS info (device loop3): enabling disk space caching [ 98.544932][ T6268] BTRFS info (device loop2): rebuilding free space tree [pid 6272] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6248] <... mount resumed>) = 0 [pid 6248] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6248] chdir("./bus") = 0 [pid 6248] ioctl(4, LOOP_CLR_FD) = 0 [pid 6248] close(4) = 0 [pid 6248] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6248] pwrite64(4, "2", 1, 55022) = 1 [pid 6248] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6248] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6248] ftruncate(5, 43006) = 0 [pid 6248] exit_group(0) = ? [pid 6248] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6248, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=36 /* 0.36 s */} --- [pid 6268] <... mount resumed>) = 0 [pid 6268] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5070] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6268] chdir("./bus") = 0 [pid 6268] ioctl(4, LOOP_CLR_FD) = 0 [pid 6268] close(4) = 0 [pid 6268] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6268] pwrite64(4, "2", 1, 55022) = 1 [pid 6268] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6268] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6267] <... mount resumed>) = 0 [pid 6267] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6267] chdir("./bus") = 0 [pid 6268] ftruncate(5, 43006 [pid 6267] ioctl(4, LOOP_CLR_FD) = 0 [pid 6267] close(4 [pid 6268] <... ftruncate resumed>) = 0 [pid 6267] <... close resumed>) = 0 [pid 6268] exit_group(0 [pid 6267] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6268] <... exit_group resumed>) = ? [pid 6268] +++ exited with 0 +++ [pid 6267] <... open resumed>) = 4 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6268, si_uid=0, si_status=0, si_utime=0, si_stime=33 /* 0.33 s */} --- [pid 5067] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6267] pwrite64(4, "2", 1, 55022 [pid 5067] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6267] <... pwrite64 resumed>) = 1 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./11/bus", [pid 6267] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6267] <... openat resumed>) = 5 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6267] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6267] <... write resumed>) = 65191 [pid 5070] <... openat resumed>) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6267] ftruncate(5, 43006 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./11/bus") = 0 [pid 6267] <... ftruncate resumed>) = 0 [pid 6267] exit_group(0 [pid 5070] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6267] <... exit_group resumed>) = ? [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./11/binderfs") = 0 [pid 6267] +++ exited with 0 +++ [pid 5070] getdents64(3, [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6267, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=26 /* 0.26 s */} --- [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3 [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5070] <... close resumed>) = 0 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5070] rmdir("./11") = 0 [pid 5070] mkdir("./12", 0777 [pid 5069] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... mkdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5069] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5069] newfstatat(3, "", [pid 5070] <... ioctl resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] close(3 [pid 5069] getdents64(3, [pid 5070] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6365 attached [pid 6365] set_robust_list(0x555556d0c660, 24) = 0 [pid 6365] chdir("./12") = 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 6365 [pid 6365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6365] setpgid(0, 0 [pid 6272] <... mount resumed>) = 0 [pid 6269] <... mount resumed>) = 0 [pid 6272] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6269] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6272] <... openat resumed>) = 3 [pid 6272] chdir("./bus" [pid 6269] <... openat resumed>) = 3 [pid 6272] <... chdir resumed>) = 0 [pid 6269] chdir("./bus" [pid 6272] ioctl(4, LOOP_CLR_FD [pid 6269] <... chdir resumed>) = 0 [pid 6272] <... ioctl resumed>) = 0 [pid 6269] ioctl(4, LOOP_CLR_FD [pid 6272] close(4 [pid 6269] <... ioctl resumed>) = 0 [pid 6272] <... close resumed>) = 0 [pid 6272] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6269] close(4) = 0 [pid 6365] <... setpgid resumed>) = 0 [pid 6365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6272] <... open resumed>) = 4 [pid 6269] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6365] write(3, "1000", 4) = 4 [pid 6365] close(3) = 0 [pid 6365] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6365] memfd_create("syzkaller", 0) = 3 [pid 6365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6269] pwrite64(4, "2", 1, 55022 [pid 6272] pwrite64(4, "2", 1, 55022) = 1 [pid 6269] <... pwrite64 resumed>) = 1 [pid 6272] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6270] <... mount resumed>) = 0 [pid 6269] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6270] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6272] <... openat resumed>) = 5 [pid 6270] <... openat resumed>) = 3 [pid 6272] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6269] <... openat resumed>) = 5 [pid 6270] chdir("./bus") = 0 [pid 6272] <... write resumed>) = 65191 [pid 6270] ioctl(4, LOOP_CLR_FD [pid 6269] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6270] <... ioctl resumed>) = 0 [pid 6270] close(4) = 0 [pid 6270] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6269] <... write resumed>) = 65191 [pid 6270] pwrite64(4, "2", 1, 55022 [pid 6272] ftruncate(5, 43006 [pid 6269] ftruncate(5, 43006 [pid 6272] <... ftruncate resumed>) = 0 [pid 6269] <... ftruncate resumed>) = 0 [pid 6272] exit_group(0) = ? [pid 6269] exit_group(0 [pid 6272] +++ exited with 0 +++ [pid 6269] <... exit_group resumed>) = ? [pid 6270] <... pwrite64 resumed>) = 1 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6272, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} --- [pid 6270] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5066] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6270] <... openat resumed>) = 5 [pid 6269] +++ exited with 0 +++ [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6269, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5066] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", [pid 6270] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6270] <... write resumed>) = 65191 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] getdents64(3, [pid 5068] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] <... openat resumed>) = 3 [pid 5066] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] newfstatat(3, "", [pid 6270] ftruncate(5, 43006 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./12/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6270] <... ftruncate resumed>) = 0 [pid 5067] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6270] exit_group(0 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6270] <... exit_group resumed>) = ? [pid 6270] +++ exited with 0 +++ [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6270, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [pid 5067] <... close resumed>) = 0 [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 5067] rmdir("./12/bus" [pid 5065] <... restart_syscall resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5065] <... openat resumed>) = 3 [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] newfstatat(3, "", [pid 5067] unlink("./12/binderfs" [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5069] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./11/bus", [pid 5067] rmdir("./12") = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 5067] mkdir("./13", 0777 [pid 5065] getdents64(3, [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5069] close(4 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] <... openat resumed>) = 3 [pid 5069] <... close resumed>) = 0 [pid 5065] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./11/bus" [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5069] <... rmdir resumed>) = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 5067] close(3) = 0 [pid 5069] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./11/binderfs") = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3./strace-static-x86_64: Process 6367 attached ) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6367 [pid 6367] set_robust_list(0x555556d0c660, 24 [pid 5069] rmdir("./11" [pid 6367] <... set_robust_list resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 6367] chdir("./13" [pid 5069] mkdir("./12", 0777 [pid 6367] <... chdir resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 6367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6367] setpgid(0, 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6367] <... setpgid resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 6367] <... openat resumed>) = 3 [pid 6367] write(3, "1000", 4) = 4 [pid 6367] close(3) = 0 [pid 6367] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] close(3 [pid 6367] memfd_create("syzkaller", 0 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6368 [pid 6367] <... memfd_create resumed>) = 3 [pid 6367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 ./strace-static-x86_64: Process 6368 attached [pid 6368] set_robust_list(0x555556d0c660, 24) = 0 [pid 6368] chdir("./12") = 0 [pid 6368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6368] setpgid(0, 0) = 0 [pid 6368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6368] write(3, "1000", 4) = 4 [pid 6368] close(3) = 0 [pid 6368] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6368] memfd_create("syzkaller", 0) = 3 [pid 6368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5068] <... umount2 resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5068] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./11/bus", [pid 5065] newfstatat(AT_FDCWD, "./12/bus", [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./11/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 4 [pid 5065] <... openat resumed>) = 4 [pid 5068] newfstatat(4, "", [pid 5065] newfstatat(4, "", [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, [pid 5065] getdents64(4, [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, [pid 5065] getdents64(4, [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] <... close resumed>) = 0 [pid 5065] close(4 [pid 5068] rmdir("./11/bus" [pid 5065] <... close resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5065] rmdir("./12/bus") = 0 [pid 5065] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5068] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./12/binderfs" [pid 5068] unlink("./11/binderfs") = 0 [pid 5065] <... unlink resumed>) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 5068] getdents64(3, [pid 5065] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] rmdir("./12" [pid 5068] close(3 [pid 5065] <... rmdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5065] mkdir("./13", 0777 [pid 5068] rmdir("./11" [pid 5065] <... mkdir resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] mkdir("./12", 0777) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5065] <... ioctl resumed>) = 0 [pid 5068] <... ioctl resumed>) = 0 [pid 5068] close(3 [pid 5065] close(3 [pid 5068] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 6372 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 6373 ./strace-static-x86_64: Process 6373 attached [pid 6373] set_robust_list(0x555556d0c660, 24) = 0 [pid 6373] chdir("./13") = 0 [pid 6373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6373] setpgid(0, 0./strace-static-x86_64: Process 6372 attached ) = 0 [pid 6367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6372] set_robust_list(0x555556d0c660, 24 [pid 5066] <... umount2 resumed>) = 0 [pid 6373] <... openat resumed>) = 3 [pid 6373] write(3, "1000", 4) = 4 [pid 6373] close(3) = 0 [pid 6373] symlink("/dev/binderfs", "./binderfs" [pid 6372] <... set_robust_list resumed>) = 0 [pid 5066] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6373] <... symlink resumed>) = 0 [pid 6372] chdir("./12" [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6373] memfd_create("syzkaller", 0) = 3 [pid 6372] <... chdir resumed>) = 0 [pid 5066] newfstatat(AT_FDCWD, "./12/bus", [pid 6373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6372] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6372] <... prctl resumed>) = 0 [pid 5066] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6372] setpgid(0, 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6372] <... setpgid resumed>) = 0 [pid 5066] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... openat resumed>) = 4 [pid 6372] <... openat resumed>) = 3 [pid 5066] newfstatat(4, "", [pid 6372] write(3, "1000", 4 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, [pid 6372] <... write resumed>) = 4 [pid 6372] close(3 [pid 5066] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6372] <... close resumed>) = 0 [pid 6372] symlink("/dev/binderfs", "./binderfs" [pid 5066] getdents64(4, [pid 6372] <... symlink resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6372] memfd_create("syzkaller", 0 [pid 5066] close(4) = 0 [pid 6372] <... memfd_create resumed>) = 3 [pid 5066] rmdir("./12/bus") = 0 [pid 5066] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6372] <... mmap resumed>) = 0x7f716ab16000 [pid 5066] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./12/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./12") = 0 [pid 5066] mkdir("./13", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6374 ./strace-static-x86_64: Process 6374 attached [pid 6374] set_robust_list(0x555556d0c660, 24) = 0 [pid 6374] chdir("./13") = 0 [pid 6374] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6374] setpgid(0, 0) = 0 [pid 6374] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6374] write(3, "1000", 4) = 4 [pid 6374] close(3) = 0 [pid 6374] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6374] memfd_create("syzkaller", 0) = 3 [pid 6374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6373] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6368] <... write resumed>) = 16777216 [pid 6368] munmap(0x7f716ab16000, 138412032 [pid 6365] <... write resumed>) = 16777216 [pid 6368] <... munmap resumed>) = 0 [pid 6368] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6365] munmap(0x7f716ab16000, 138412032 [pid 6368] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6365] <... munmap resumed>) = 0 [pid 6372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6368] close(3) = 0 [pid 6368] mkdir("./bus", 0777) = 0 [ 100.161807][ T6368] loop4: detected capacity change from 0 to 32768 [pid 6368] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6365] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6365] ioctl(4, LOOP_SET_FD, 3) = 0 [ 100.208823][ T6368] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6368) [ 100.241291][ T6365] loop5: detected capacity change from 0 to 32768 [pid 6365] close(3) = 0 [pid 6365] mkdir("./bus", 0777) = 0 [ 100.297549][ T6365] BTRFS: device /dev/loop5 using temp-fsid dd932e93-ae61-4f3b-b96d-78a5882717ec [ 100.321548][ T6365] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6365) [pid 6365] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6367] <... write resumed>) = 16777216 [pid 6367] munmap(0x7f716ab16000, 138412032) = 0 [pid 6367] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6367] ioctl(4, LOOP_SET_FD, 3 [pid 6374] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6367] <... ioctl resumed>) = 0 [pid 6367] close(3) = 0 [pid 6367] mkdir("./bus", 0777) = 0 [ 100.433375][ T6367] loop2: detected capacity change from 0 to 32768 [ 100.476021][ T6367] BTRFS: device /dev/loop2 using temp-fsid 3b3f8522-fbd8-48fc-8080-0e51b5ae7f3a [ 100.514244][ T6367] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6367) [ 100.561374][ T6368] _btrfs_printk: 53 callbacks suppressed [ 100.561387][ T6368] BTRFS info (device loop4): disabling free space tree [ 100.574564][ T6368] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 100.584856][ T6368] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6367] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6368] <... mount resumed>) = 0 [ 100.612627][ T6367] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 100.621129][ T6367] BTRFS info (device loop2): enabling auto defrag [ 100.627552][ T6367] BTRFS info (device loop2): enabling disk space caching [ 100.635110][ T6367] BTRFS info (device loop2): max_inline at 0 [ 100.642044][ T6367] BTRFS info (device loop2): force clearing of disk cache [ 100.649406][ T6367] BTRFS info (device loop2): turning on sync discard [ 100.650802][ T6365] BTRFS info (device loop5): enabling ssd optimizations [pid 6368] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6368] chdir("./bus") = 0 [pid 6368] ioctl(4, LOOP_CLR_FD) = 0 [pid 6368] close(4) = 0 [pid 6368] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6368] pwrite64(4, "2", 1, 55022 [pid 6373] <... write resumed>) = 16777216 [pid 6373] munmap(0x7f716ab16000, 138412032 [pid 6368] <... pwrite64 resumed>) = 1 [pid 6368] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6373] <... munmap resumed>) = 0 [pid 6368] <... openat resumed>) = 5 [ 100.656578][ T6367] BTRFS info (device loop2): disk space caching is enabled [pid 6373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6373] ioctl(4, LOOP_SET_FD, 3 [pid 6368] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6372] <... write resumed>) = 16777216 [ 100.721562][ T6373] loop0: detected capacity change from 0 to 32768 [ 100.731428][ T6365] BTRFS info (device loop5): rebuilding free space tree [pid 6373] <... ioctl resumed>) = 0 [pid 6372] munmap(0x7f716ab16000, 138412032 [pid 6368] ftruncate(5, 43006 [pid 6373] close(3 [pid 6372] <... munmap resumed>) = 0 [pid 6373] <... close resumed>) = 0 [pid 6373] mkdir("./bus", 0777 [pid 6368] <... ftruncate resumed>) = 0 [pid 6373] <... mkdir resumed>) = 0 [pid 6373] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6368] exit_group(0) = ? [pid 6368] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6368, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=31 /* 0.31 s */} --- [pid 5069] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6372] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] newfstatat(3, "", [pid 6372] <... openat resumed>) = 4 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6372] ioctl(4, LOOP_SET_FD, 3 [pid 5069] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6372] <... ioctl resumed>) = 0 [ 100.764470][ T6373] BTRFS: device /dev/loop0 using temp-fsid 8cad4b74-510d-42c9-bbf7-48cd3299ece8 [ 100.783838][ T6372] loop3: detected capacity change from 0 to 32768 [ 100.802675][ T6365] BTRFS info (device loop5): disabling free space tree [pid 6372] close(3) = 0 [pid 6372] mkdir("./bus", 0777) = 0 [ 100.820007][ T6373] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6373) [ 100.837957][ T6365] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6372] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] <... umount2 resumed>) = 0 [ 100.860988][ T6365] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 100.871859][ T6373] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 100.891905][ T6372] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6372) [ 100.905089][ T6367] BTRFS info (device loop2): enabling ssd optimizations [pid 5069] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6374] <... write resumed>) = 16777216 [pid 5069] newfstatat(AT_FDCWD, "./12/bus", [pid 6374] munmap(0x7f716ab16000, 138412032 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6365] <... mount resumed>) = 0 [pid 6365] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6365] chdir("./bus") = 0 [pid 6365] ioctl(4, LOOP_CLR_FD [pid 6374] <... munmap resumed>) = 0 [pid 6365] <... ioctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6365] close(4) = 0 [pid 5069] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6365] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... openat resumed>) = 4 [pid 5069] newfstatat(4, "", [pid 6374] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6365] <... open resumed>) = 4 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 100.917224][ T6367] BTRFS info (device loop2): rebuilding free space tree [ 100.924764][ T6373] BTRFS info (device loop0): enabling auto defrag [ 100.932203][ T6373] BTRFS info (device loop0): enabling disk space caching [ 100.952371][ T6372] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [pid 6365] pwrite64(4, "2", 1, 55022 [pid 5069] getdents64(4, [pid 6374] <... openat resumed>) = 4 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6374] ioctl(4, LOOP_SET_FD, 3 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [ 100.967477][ T6372] BTRFS info (device loop3): enabling auto defrag [ 100.978192][ T6373] BTRFS info (device loop0): max_inline at 0 [ 100.986243][ T6374] loop1: detected capacity change from 0 to 32768 [ 100.987358][ T6373] BTRFS info (device loop0): force clearing of disk cache [ 100.994067][ T6372] BTRFS info (device loop3): enabling disk space caching [ 101.000466][ T6367] BTRFS info (device loop2): disabling free space tree [pid 6374] <... ioctl resumed>) = 0 [pid 6374] close(3 [pid 5069] close(4) = 0 [pid 5069] rmdir("./12/bus" [pid 6365] <... pwrite64 resumed>) = 1 [pid 6365] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5069] <... rmdir resumed>) = 0 [pid 6374] <... close resumed>) = 0 [pid 6365] <... openat resumed>) = 5 [pid 5069] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6374] mkdir("./bus", 0777 [pid 6365] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./12/binderfs", [pid 6374] <... mkdir resumed>) = 0 [pid 6365] <... write resumed>) = 65191 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./12/binderfs" [pid 6365] ftruncate(5, 43006 [pid 6374] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] <... unlink resumed>) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 6365] <... ftruncate resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 6365] exit_group(0) = ? [pid 5069] rmdir("./12" [pid 6365] +++ exited with 0 +++ [pid 5069] <... rmdir resumed>) = 0 [pid 5069] mkdir("./13", 0777 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6365, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=23 /* 0.23 s */} --- [pid 5069] <... mkdir resumed>) = 0 [pid 5070] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5070] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 101.015059][ T6373] BTRFS info (device loop0): turning on sync discard [ 101.032772][ T6373] BTRFS info (device loop0): disk space caching is enabled [ 101.037332][ T6374] BTRFS: device /dev/loop1 using temp-fsid 4ccadadd-a2e6-4f4c-9933-8561715983a5 [ 101.053761][ T6367] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 101.060783][ T6372] BTRFS info (device loop3): max_inline at 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6426 attached , child_tidptr=0x555556d0c650) = 6426 [ 101.070489][ T6372] BTRFS info (device loop3): force clearing of disk cache [ 101.082699][ T6374] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6374) [ 101.097422][ T6367] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 101.103633][ T6372] BTRFS info (device loop3): turning on sync discard [pid 6426] set_robust_list(0x555556d0c660, 24) = 0 [pid 6426] chdir("./13") = 0 [pid 6426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6426] setpgid(0, 0) = 0 [pid 6426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6426] write(3, "1000", 4) = 4 [pid 6426] close(3) = 0 [pid 6426] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6426] memfd_create("syzkaller", 0 [pid 6367] <... mount resumed>) = 0 [ 101.117219][ T6372] BTRFS info (device loop3): disk space caching is enabled [pid 6426] <... memfd_create resumed>) = 3 [pid 6426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6367] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5070] <... umount2 resumed>) = 0 [pid 6367] <... openat resumed>) = 3 [pid 5070] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6367] chdir("./bus" [pid 5070] newfstatat(AT_FDCWD, "./12/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6367] <... chdir resumed>) = 0 [pid 6367] ioctl(4, LOOP_CLR_FD [pid 5070] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6367] <... ioctl resumed>) = 0 [pid 6367] close(4 [pid 5070] <... openat resumed>) = 4 [pid 6367] <... close resumed>) = 0 [pid 6367] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] newfstatat(4, "", [pid 6367] <... open resumed>) = 4 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 101.162133][ T6374] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 5070] getdents64(4, [pid 6367] pwrite64(4, "2", 1, 55022 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./12/bus") = 0 [pid 5070] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6367] <... pwrite64 resumed>) = 1 [pid 5070] unlink("./12/binderfs" [pid 6367] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5070] <... unlink resumed>) = 0 [ 101.221090][ T6374] BTRFS info (device loop1): enabling auto defrag [ 101.244741][ T6374] BTRFS info (device loop1): enabling disk space caching [pid 5070] getdents64(3, [pid 6367] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6367] <... write resumed>) = 65191 [pid 5070] close(3) = 0 [pid 5070] rmdir("./12") = 0 [pid 5070] mkdir("./13", 0777 [pid 6367] ftruncate(5, 43006) = 0 [pid 6367] exit_group(0 [pid 5070] <... mkdir resumed>) = 0 [pid 6367] <... exit_group resumed>) = ? [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [ 101.270690][ T6374] BTRFS info (device loop1): max_inline at 0 [ 101.274329][ T6373] BTRFS info (device loop0): enabling ssd optimizations [ 101.277621][ T6374] BTRFS info (device loop1): force clearing of disk cache [ 101.297133][ T6373] BTRFS info (device loop0): rebuilding free space tree [ 101.310671][ T6374] BTRFS info (device loop1): turning on sync discard [pid 5070] ioctl(3, LOOP_CLR_FD [pid 6367] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6367, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=36 /* 0.36 s */} --- [pid 5070] <... ioctl resumed>) = 0 [pid 5067] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 6452 ./strace-static-x86_64: Process 6452 attached [pid 6452] set_robust_list(0x555556d0c660, 24) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5067] newfstatat(3, "", [pid 6452] chdir("./13" [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6452] <... chdir resumed>) = 0 [pid 6452] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 101.317393][ T6374] BTRFS info (device loop1): disk space caching is enabled [pid 6452] setpgid(0, 0) = 0 [pid 6452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6452] write(3, "1000", 4) = 4 [pid 6426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6452] close(3) = 0 [pid 6452] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6452] memfd_create("syzkaller", 0) = 3 [pid 6452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 101.386743][ T6373] BTRFS info (device loop0): disabling free space tree [ 101.397753][ T6372] BTRFS info (device loop3): enabling ssd optimizations [ 101.411471][ T6373] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 101.432055][ T6372] BTRFS info (device loop3): rebuilding free space tree [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 101.467659][ T6373] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5067] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./13/bus") = 0 [pid 5067] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./13/binderfs", [pid 6373] <... mount resumed>) = 0 [pid 6372] <... mount resumed>) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6373] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6372] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5067] unlink("./13/binderfs" [pid 6373] <... openat resumed>) = 3 [pid 6372] <... openat resumed>) = 3 [pid 5067] <... unlink resumed>) = 0 [pid 6373] chdir("./bus" [pid 5067] getdents64(3, [pid 6373] <... chdir resumed>) = 0 [ 101.537626][ T6372] BTRFS info (device loop3): disabling free space tree [ 101.550840][ T6372] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 101.562221][ T6372] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6372] chdir("./bus" [pid 6373] ioctl(4, LOOP_CLR_FD) = 0 [pid 6373] close(4 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6373] <... close resumed>) = 0 [pid 5067] close(3 [pid 6373] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6372] <... chdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 6373] <... open resumed>) = 4 [pid 6372] ioctl(4, LOOP_CLR_FD [pid 5067] rmdir("./13") = 0 [pid 6372] <... ioctl resumed>) = 0 [pid 5067] mkdir("./14", 0777) = 0 [pid 6372] close(4 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6373] pwrite64(4, "2", 1, 55022 [pid 6372] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 6372] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6471 attached [pid 6372] <... open resumed>) = 4 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6471 [pid 6471] set_robust_list(0x555556d0c660, 24) = 0 [ 101.620683][ T6374] BTRFS info (device loop1): enabling ssd optimizations [pid 6471] chdir("./14" [pid 6373] <... pwrite64 resumed>) = 1 [pid 6372] pwrite64(4, "2", 1, 55022 [pid 6471] <... chdir resumed>) = 0 [pid 6373] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6471] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6373] <... openat resumed>) = 5 [pid 6471] setpgid(0, 0 [pid 6373] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6471] <... setpgid resumed>) = 0 [pid 6373] <... write resumed>) = 65191 [pid 6372] <... pwrite64 resumed>) = 1 [pid 6372] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6373] ftruncate(5, 43006 [pid 6471] <... openat resumed>) = 3 [pid 6373] <... ftruncate resumed>) = 0 [pid 6372] <... openat resumed>) = 5 [pid 6471] write(3, "1000", 4) = 4 [pid 6372] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6471] close(3 [pid 6373] exit_group(0 [pid 6471] <... close resumed>) = 0 [pid 6373] <... exit_group resumed>) = ? [pid 6372] <... write resumed>) = 65191 [pid 6471] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6373] +++ exited with 0 +++ [pid 6372] ftruncate(5, 43006 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6373, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} --- [ 101.681906][ T6374] BTRFS info (device loop1): rebuilding free space tree [pid 5065] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6471] memfd_create("syzkaller", 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6471] <... memfd_create resumed>) = 3 [pid 6471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6471] <... mmap resumed>) = 0x7f716ab16000 [pid 6372] <... ftruncate resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5065] newfstatat(3, "", [pid 6372] exit_group(0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, [pid 6372] <... exit_group resumed>) = ? [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6372] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6372, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=36 /* 0.36 s */} --- [pid 5068] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, [pid 5065] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 101.778808][ T6374] BTRFS info (device loop1): disabling free space tree [ 101.810468][ T6374] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5068] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 101.888175][ T6374] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6452] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6426] <... write resumed>) = 16777216 [pid 6426] munmap(0x7f716ab16000, 138412032) = 0 [pid 6426] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6426] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6426] close(3) = 0 [pid 6426] mkdir("./bus", 0777) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 6426] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6374] <... mount resumed>) = 0 [ 101.981088][ T6426] loop4: detected capacity change from 0 to 32768 [pid 5068] <... umount2 resumed>) = 0 [pid 5065] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6374] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5068] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6374] <... openat resumed>) = 3 [pid 5068] newfstatat(AT_FDCWD, "./12/bus", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] newfstatat(AT_FDCWD, "./13/bus", [pid 6374] chdir("./bus" [pid 5068] umount2("./12/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6374] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6374] ioctl(4, LOOP_CLR_FD [pid 5068] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 4 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6374] <... ioctl resumed>) = 0 [pid 5068] newfstatat(4, "", [pid 5065] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6374] close(4) = 0 [pid 5065] <... openat resumed>) = 4 [pid 6374] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6374] <... open resumed>) = 4 [pid 5065] getdents64(4, [ 102.042571][ T6426] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6426) [pid 5068] getdents64(4, [pid 6374] pwrite64(4, "2", 1, 55022 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, [pid 5068] getdents64(4, [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6374] <... pwrite64 resumed>) = 1 [pid 6374] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5068] close(4 [pid 5065] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5065] rmdir("./13/bus" [pid 6374] <... openat resumed>) = 5 [pid 5068] rmdir("./12/bus" [pid 5065] <... rmdir resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5065] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6374] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5068] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 102.122915][ T6426] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [pid 6374] ftruncate(5, 43006 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5068] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6374] <... ftruncate resumed>) = 0 [pid 5068] unlink("./12/binderfs" [pid 5065] unlink("./13/binderfs" [pid 6374] exit_group(0 [pid 5068] <... unlink resumed>) = 0 [pid 6374] <... exit_group resumed>) = ? [pid 5068] getdents64(3, [pid 5065] <... unlink resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6374] +++ exited with 0 +++ [pid 5068] close(3 [pid 5065] getdents64(3, [pid 5068] <... close resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6374, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} --- [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] rmdir("./12" [pid 5065] close(3 [pid 5068] <... rmdir resumed>) = 0 [pid 5066] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] mkdir("./13", 0777 [pid 5065] <... close resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... mkdir resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5065] rmdir("./13" [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] newfstatat(3, "", [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./14", 0777 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5066] getdents64(3, [pid 5065] <... mkdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] close(3 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] <... close resumed>) = 0 [pid 5066] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [ 102.168213][ T6426] BTRFS info (device loop4): enabling auto defrag [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6474 attached ) = 0 [pid 6474] set_robust_list(0x555556d0c660, 24 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 6474 [pid 5065] close(3 [pid 6474] <... set_robust_list resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6474] chdir("./13" [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6474] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6475 attached [pid 6474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6475] set_robust_list(0x555556d0c660, 24 [pid 6474] setpgid(0, 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 6475 [pid 6475] <... set_robust_list resumed>) = 0 [pid 6475] chdir("./14") = 0 [pid 6475] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6475] setpgid(0, 0) = 0 [pid 6475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6474] <... setpgid resumed>) = 0 [ 102.220091][ T6426] BTRFS info (device loop4): enabling disk space caching [pid 6474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6474] write(3, "1000", 4) = 4 [pid 6475] write(3, "1000", 4 [pid 6474] close(3 [pid 6475] <... write resumed>) = 4 [pid 6474] <... close resumed>) = 0 [pid 6474] symlink("/dev/binderfs", "./binderfs" [pid 6475] close(3) = 0 [pid 6474] <... symlink resumed>) = 0 [pid 6475] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6475] memfd_create("syzkaller", 0) = 3 [pid 6475] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6474] memfd_create("syzkaller", 0 [pid 6475] <... mmap resumed>) = 0x7f716ab16000 [pid 6474] <... memfd_create resumed>) = 3 [pid 6474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 102.262601][ T6426] BTRFS info (device loop4): max_inline at 0 [ 102.306281][ T6426] BTRFS info (device loop4): force clearing of disk cache [pid 6471] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./13/bus") = 0 [pid 5066] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 102.378662][ T6426] BTRFS info (device loop4): turning on sync discard [ 102.402791][ T6426] BTRFS info (device loop4): disk space caching is enabled [pid 5066] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./13/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./13") = 0 [pid 5066] mkdir("./14", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6483 ./strace-static-x86_64: Process 6483 attached [pid 6483] set_robust_list(0x555556d0c660, 24) = 0 [pid 6483] chdir("./14") = 0 [pid 6483] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6483] setpgid(0, 0) = 0 [pid 6483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6483] write(3, "1000", 4) = 4 [pid 6483] close(3) = 0 [pid 6483] symlink("/dev/binderfs", "./binderfs") = 0 [ 102.556236][ T6426] BTRFS info (device loop4): enabling ssd optimizations [ 102.564885][ T6426] BTRFS info (device loop4): rebuilding free space tree [ 102.578668][ T6426] BTRFS info (device loop4): disabling free space tree [ 102.585847][ T6426] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6483] memfd_create("syzkaller", 0) = 3 [ 102.598761][ T6426] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6452] <... write resumed>) = 16777216 [pid 6474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6452] munmap(0x7f716ab16000, 138412032 [pid 6426] <... mount resumed>) = 0 [pid 6452] <... munmap resumed>) = 0 [pid 6426] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6452] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6426] chdir("./bus") = 0 [pid 6452] <... openat resumed>) = 4 [pid 6426] ioctl(4, LOOP_CLR_FD [pid 6452] ioctl(4, LOOP_SET_FD, 3 [pid 6426] <... ioctl resumed>) = 0 [pid 6426] close(4) = 0 [pid 6426] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6426] pwrite64(4, "2", 1, 55022 [pid 6475] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6452] <... ioctl resumed>) = 0 [pid 6452] close(3) = 0 [pid 6452] mkdir("./bus", 0777 [pid 6426] <... pwrite64 resumed>) = 1 [pid 6426] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6452] <... mkdir resumed>) = 0 [ 102.764051][ T6452] loop5: detected capacity change from 0 to 32768 [pid 6452] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6426] <... openat resumed>) = 5 [pid 6426] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6426] ftruncate(5, 43006) = 0 [pid 6426] exit_group(0) = ? [pid 6426] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6426, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=39 /* 0.39 s */} --- [pid 5069] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 102.851100][ T6452] BTRFS: device /dev/loop5 using temp-fsid a6661966-cb43-4182-a1c2-b4aa2865c090 [ 102.860320][ T6452] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6452) [pid 6483] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 102.923495][ T6452] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 102.962170][ T6452] BTRFS info (device loop5): enabling auto defrag [pid 5069] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6471] <... write resumed>) = 16777216 [ 103.010602][ T6452] BTRFS info (device loop5): enabling disk space caching [ 103.017707][ T6452] BTRFS info (device loop5): max_inline at 0 [pid 6471] munmap(0x7f716ab16000, 138412032) = 0 [pid 6471] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6471] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6471] close(3) = 0 [pid 6471] mkdir("./bus", 0777) = 0 [ 103.080639][ T6452] BTRFS info (device loop5): force clearing of disk cache [ 103.091014][ T6452] BTRFS info (device loop5): turning on sync discard [ 103.108531][ T6452] BTRFS info (device loop5): disk space caching is enabled [ 103.116113][ T6471] loop2: detected capacity change from 0 to 32768 [pid 6471] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] <... umount2 resumed>) = 0 [pid 6483] <... write resumed>) = 16777216 [pid 5069] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6483] munmap(0x7f716ab16000, 138412032 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 103.157870][ T6471] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6471) [pid 5069] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6483] <... munmap resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 6483] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] newfstatat(4, "", [pid 6483] <... openat resumed>) = 4 [pid 6483] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6483] <... ioctl resumed>) = 0 [pid 5069] getdents64(4, [pid 6483] close(3 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6483] <... close resumed>) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6483] mkdir("./bus", 0777 [pid 5069] close(4) = 0 [pid 5069] rmdir("./13/bus") = 0 [pid 5069] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6483] <... mkdir resumed>) = 0 [pid 5069] unlink("./13/binderfs") = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./13") = 0 [pid 5069] mkdir("./14", 0777) = 0 [ 103.217931][ T6471] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 103.226574][ T6471] BTRFS info (device loop2): enabling auto defrag [ 103.233997][ T6483] loop1: detected capacity change from 0 to 32768 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6483] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6507 attached [pid 6507] set_robust_list(0x555556d0c660, 24) = 0 [pid 6507] chdir("./14" [pid 6474] <... write resumed>) = 16777216 [pid 6507] <... chdir resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 6507 [ 103.270255][ T6471] BTRFS info (device loop2): enabling disk space caching [ 103.279240][ T6471] BTRFS info (device loop2): max_inline at 0 [ 103.286770][ T6483] BTRFS: device /dev/loop1 using temp-fsid ed687d8b-fcdd-45f6-aad2-8e573dbe5437 [ 103.296347][ T6483] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6483) [pid 6507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6474] munmap(0x7f716ab16000, 138412032 [pid 6507] setpgid(0, 0 [pid 6474] <... munmap resumed>) = 0 [pid 6507] <... setpgid resumed>) = 0 [pid 6507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6507] write(3, "1000", 4) = 4 [pid 6507] close(3) = 0 [pid 6507] symlink("/dev/binderfs", "./binderfs" [pid 6474] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6507] <... symlink resumed>) = 0 [pid 6474] <... openat resumed>) = 4 [pid 6507] memfd_create("syzkaller", 0 [pid 6474] ioctl(4, LOOP_SET_FD, 3 [pid 6507] <... memfd_create resumed>) = 3 [ 103.323065][ T6483] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 103.342733][ T6452] BTRFS info (device loop5): enabling ssd optimizations [ 103.342778][ T6471] BTRFS info (device loop2): force clearing of disk cache [ 103.357519][ T6471] BTRFS info (device loop2): turning on sync discard [ 103.363999][ T6474] loop3: detected capacity change from 0 to 32768 [pid 6507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6475] <... write resumed>) = 16777216 [pid 6474] <... ioctl resumed>) = 0 [pid 6474] close(3) = 0 [pid 6474] mkdir("./bus", 0777) = 0 [ 103.364787][ T6471] BTRFS info (device loop2): disk space caching is enabled [ 103.391497][ T6483] BTRFS info (device loop1): enabling auto defrag [ 103.402389][ T6452] BTRFS info (device loop5): rebuilding free space tree [ 103.414048][ T6483] BTRFS info (device loop1): enabling disk space caching [pid 6475] munmap(0x7f716ab16000, 138412032) = 0 [pid 6474] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6475] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 103.428127][ T6474] BTRFS: device /dev/loop3 using temp-fsid fe569058-df4d-4c0d-b291-4dd7a7045b7d [ 103.438947][ T6475] loop0: detected capacity change from 0 to 32768 [ 103.452314][ T6483] BTRFS info (device loop1): max_inline at 0 [ 103.458328][ T6483] BTRFS info (device loop1): force clearing of disk cache [pid 6475] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6475] close(3) = 0 [pid 6475] mkdir("./bus", 0777) = 0 [ 103.471188][ T6474] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6474) [ 103.484013][ T6452] BTRFS info (device loop5): disabling free space tree [ 103.491644][ T6452] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 103.501917][ T6452] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 103.503006][ T6483] BTRFS info (device loop1): turning on sync discard [pid 6475] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6452] <... mount resumed>) = 0 [pid 6452] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6452] chdir("./bus") = 0 [pid 6452] ioctl(4, LOOP_CLR_FD) = 0 [pid 6452] close(4) = 0 [pid 6452] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 103.540679][ T6474] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 103.552429][ T6475] BTRFS: device /dev/loop0 using temp-fsid c7ca8787-7fff-46d7-a8ce-4c16d1dd580c [pid 6452] pwrite64(4, "2", 1, 55022) = 1 [pid 6452] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [ 103.588400][ T6474] BTRFS info (device loop3): enabling auto defrag [ 103.610748][ T6483] BTRFS info (device loop1): disk space caching is enabled [ 103.620983][ T6475] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6475) [pid 6452] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6452] ftruncate(5, 43006) = 0 [pid 6452] exit_group(0) = ? [pid 6452] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6452, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5070] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 103.650813][ T6474] BTRFS info (device loop3): enabling disk space caching [ 103.657889][ T6474] BTRFS info (device loop3): max_inline at 0 [ 103.689111][ T6475] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [pid 5070] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 103.725448][ T6471] BTRFS info (device loop2): enabling ssd optimizations [pid 6507] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6471] <... mount resumed>) = 0 [pid 6471] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6471] chdir("./bus") = 0 [pid 6471] ioctl(4, LOOP_CLR_FD) = 0 [pid 6471] close(4) = 0 [pid 6471] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6471] pwrite64(4, "2", 1, 55022) = 1 [pid 5070] <... umount2 resumed>) = 0 [pid 6471] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5070] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6471] <... openat resumed>) = 5 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6471] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6471] <... write resumed>) = 65191 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6471] ftruncate(5, 43006 [pid 5070] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6471] <... ftruncate resumed>) = 0 [pid 5070] <... openat resumed>) = 4 [pid 6471] exit_group(0 [pid 5070] newfstatat(4, "", [pid 6471] <... exit_group resumed>) = ? [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6471] +++ exited with 0 +++ [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6471, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5070] close(4) = 0 [pid 5070] rmdir("./13/bus" [pid 5067] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... rmdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 3 [pid 5070] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5067] newfstatat(3, "", [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] unlink("./13/binderfs" [pid 5067] getdents64(3, [pid 5070] <... unlink resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./13") = 0 [pid 5070] mkdir("./14", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6574 attached [pid 6483] <... mount resumed>) = 0 [pid 6483] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 6574 [pid 6574] set_robust_list(0x555556d0c660, 24 [pid 6483] <... openat resumed>) = 3 [pid 6574] <... set_robust_list resumed>) = 0 [pid 6474] <... mount resumed>) = 0 [pid 6483] chdir("./bus" [pid 6574] chdir("./14" [pid 6483] <... chdir resumed>) = 0 [pid 6483] ioctl(4, LOOP_CLR_FD) = 0 [pid 6474] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6483] close(4 [pid 6574] <... chdir resumed>) = 0 [pid 6483] <... close resumed>) = 0 [pid 6474] <... openat resumed>) = 3 [pid 6483] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6574] setpgid(0, 0) = 0 [pid 6574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6574] write(3, "1000", 4 [pid 6483] <... open resumed>) = 4 [pid 6474] chdir("./bus" [pid 6574] <... write resumed>) = 4 [pid 6574] close(3 [pid 6474] <... chdir resumed>) = 0 [pid 6574] <... close resumed>) = 0 [pid 6574] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6574] memfd_create("syzkaller", 0 [pid 6474] ioctl(4, LOOP_CLR_FD [pid 6574] <... memfd_create resumed>) = 3 [pid 6474] <... ioctl resumed>) = 0 [pid 6474] close(4 [pid 6574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6483] pwrite64(4, "2", 1, 55022 [pid 6474] <... close resumed>) = 0 [pid 6574] <... mmap resumed>) = 0x7f716ab16000 [pid 6474] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6483] <... pwrite64 resumed>) = 1 [pid 6474] <... open resumed>) = 4 [pid 6474] pwrite64(4, "2", 1, 55022 [pid 6483] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6475] <... mount resumed>) = 0 [pid 6475] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6483] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6475] chdir("./bus" [pid 6483] <... write resumed>) = 65191 [pid 6475] <... chdir resumed>) = 0 [pid 6475] ioctl(4, LOOP_CLR_FD) = 0 [pid 6483] ftruncate(5, 43006 [pid 6475] close(4 [pid 6483] <... ftruncate resumed>) = 0 [pid 6475] <... close resumed>) = 0 [pid 6474] <... pwrite64 resumed>) = 1 [pid 6475] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6474] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6483] exit_group(0) = ? [pid 6475] <... open resumed>) = 4 [pid 6474] <... openat resumed>) = 5 [pid 6483] +++ exited with 0 +++ [pid 6475] pwrite64(4, "2", 1, 55022 [pid 6474] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6483, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=29 /* 0.29 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 6474] <... write resumed>) = 65191 [pid 5066] <... restart_syscall resumed>) = 0 [pid 6474] ftruncate(5, 43006 [pid 5066] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6474] <... ftruncate resumed>) = 0 [pid 5066] getdents64(3, [pid 6474] exit_group(0 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6474] <... exit_group resumed>) = ? [pid 6474] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6474, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=28 /* 0.28 s */} --- [pid 5068] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6475] <... pwrite64 resumed>) = 1 [pid 5068] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6475] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6475] <... openat resumed>) = 5 [pid 6475] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6475] ftruncate(5, 43006) = 0 [pid 6475] exit_group(0) = ? [pid 6475] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6475, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=32 /* 0.32 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6574] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./14/bus") = 0 [pid 5066] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./14/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./14") = 0 [pid 5066] mkdir("./15", 0777 [pid 5068] <... umount2 resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5068] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./13/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5068] <... openat resumed>) = 4 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] newfstatat(4, "", [pid 5066] close(3 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] <... close resumed>) = 0 [pid 5068] getdents64(4, [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 6577 ./strace-static-x86_64: Process 6577 attached [pid 5068] rmdir("./13/bus" [pid 6577] set_robust_list(0x555556d0c660, 24 [pid 5068] <... rmdir resumed>) = 0 [pid 5068] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./13/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 6577] <... set_robust_list resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./13") = 0 [pid 5068] mkdir("./14", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6577] chdir("./15" [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 6578 [pid 6577] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6578 attached [pid 6578] set_robust_list(0x555556d0c660, 24) = 0 [pid 6578] chdir("./14" [pid 6577] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6578] <... chdir resumed>) = 0 [pid 6577] setpgid(0, 0 [pid 6578] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6578] setpgid(0, 0) = 0 [pid 6578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6578] write(3, "1000", 4) = 4 [pid 6578] close(3) = 0 [pid 6578] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6578] memfd_create("syzkaller", 0) = 3 [pid 6578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5065] <... umount2 resumed>) = 0 [pid 6577] <... setpgid resumed>) = 0 [pid 5065] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6577] <... openat resumed>) = 3 [pid 5065] newfstatat(AT_FDCWD, "./14/bus", [pid 6507] <... write resumed>) = 16777216 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6577] write(3, "1000", 4 [pid 5065] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6577] <... write resumed>) = 4 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6577] close(3) = 0 [pid 5065] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6577] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... openat resumed>) = 4 [pid 6577] <... symlink resumed>) = 0 [pid 6507] munmap(0x7f716ab16000, 138412032 [pid 5065] newfstatat(4, "", [pid 5067] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", [pid 5065] getdents64(4, [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6577] memfd_create("syzkaller", 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, [pid 5067] getdents64(4, [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] <... close resumed>) = 0 [pid 5067] close(4) = 0 [pid 5065] rmdir("./14/bus" [pid 5067] rmdir("./14/bus") = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] unlink("./14/binderfs" [pid 6577] <... memfd_create resumed>) = 3 [pid 5067] <... unlink resumed>) = 0 [pid 6577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] getdents64(3, [pid 6577] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6507] <... munmap resumed>) = 0 [pid 5067] close(3 [pid 5065] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5067] <... close resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6507] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] rmdir("./14" [pid 5065] unlink("./14/binderfs" [pid 6507] <... openat resumed>) = 4 [pid 6507] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... unlink resumed>) = 0 [pid 5065] getdents64(3, [pid 5067] mkdir("./15", 0777 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] close(3 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6579 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./14") = 0 [pid 5065] mkdir("./15", 0777) = 0 ./strace-static-x86_64: Process 6579 attached [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6579] set_robust_list(0x555556d0c660, 24 [pid 5065] <... openat resumed>) = 3 [pid 6579] <... set_robust_list resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6579] chdir("./15" [pid 6507] <... ioctl resumed>) = 0 [pid 5065] <... ioctl resumed>) = 0 [pid 6579] <... chdir resumed>) = 0 [pid 6507] close(3 [pid 5065] close(3 [pid 6579] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6507] <... close resumed>) = 0 [pid 6579] <... prctl resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6507] mkdir("./bus", 0777 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6579] setpgid(0, 0./strace-static-x86_64: Process 6580 attached ) = 0 [pid 6507] <... mkdir resumed>) = 0 [pid 6579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6580] set_robust_list(0x555556d0c660, 24 [ 104.705853][ T6507] loop4: detected capacity change from 0 to 32768 [pid 6507] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6580] <... set_robust_list resumed>) = 0 [pid 6579] <... openat resumed>) = 3 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 6580 [pid 6580] chdir("./15" [pid 6579] write(3, "1000", 4 [pid 6580] <... chdir resumed>) = 0 [pid 6579] <... write resumed>) = 4 [pid 6580] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6579] close(3) = 0 [pid 6580] <... prctl resumed>) = 0 [pid 6580] setpgid(0, 0 [pid 6579] symlink("/dev/binderfs", "./binderfs" [pid 6580] <... setpgid resumed>) = 0 [pid 6579] <... symlink resumed>) = 0 [pid 6580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 104.764949][ T6507] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6507) [pid 6580] write(3, "1000", 4 [pid 6579] memfd_create("syzkaller", 0 [pid 6580] <... write resumed>) = 4 [pid 6579] <... memfd_create resumed>) = 3 [pid 6580] close(3 [pid 6579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6580] <... close resumed>) = 0 [pid 6580] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6580] memfd_create("syzkaller", 0) = 3 [pid 6580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6578] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6577] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6574] <... write resumed>) = 16777216 [pid 6574] munmap(0x7f716ab16000, 138412032) = 0 [pid 6574] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 6574] ioctl(4, LOOP_SET_FD, 3 [pid 6579] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6574] <... ioctl resumed>) = 0 [pid 6574] close(3) = 0 [pid 6574] mkdir("./bus", 0777) = 0 [ 105.091929][ T6574] loop5: detected capacity change from 0 to 32768 [ 105.142384][ T6574] BTRFS: device /dev/loop5 using temp-fsid 50036a98-c6ff-4926-b40f-a7635eebcb59 [pid 6574] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6507] <... mount resumed>) = 0 [pid 6507] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6507] chdir("./bus") = 0 [pid 6507] ioctl(4, LOOP_CLR_FD) = 0 [pid 6507] close(4) = 0 [ 105.191835][ T6574] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6574) [pid 6507] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6507] pwrite64(4, "2", 1, 55022 [pid 6580] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6507] <... pwrite64 resumed>) = 1 [pid 6507] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6507] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6507] ftruncate(5, 43006) = 0 [pid 6507] exit_group(0) = ? [pid 6507] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6507, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=25 /* 0.25 s */} --- [pid 5069] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6577] <... write resumed>) = 16777216 [pid 6577] munmap(0x7f716ab16000, 138412032 [pid 6574] <... mount resumed>) = 0 [pid 6574] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6574] chdir("./bus") = 0 [pid 6574] ioctl(4, LOOP_CLR_FD) = 0 [pid 6574] close(4 [pid 6577] <... munmap resumed>) = 0 [pid 6574] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 6574] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6574] pwrite64(4, "2", 1, 55022) = 1 [pid 5069] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6574] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6574] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6577] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6577] ioctl(4, LOOP_SET_FD, 3 [pid 5069] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6577] <... ioctl resumed>) = 0 [pid 6574] ftruncate(5, 43006 [pid 6578] <... write resumed>) = 16777216 [pid 6577] close(3 [pid 6574] <... ftruncate resumed>) = 0 [pid 6577] <... close resumed>) = 0 [pid 6574] exit_group(0 [pid 6577] mkdir("./bus", 0777 [pid 6574] <... exit_group resumed>) = ? [pid 6577] <... mkdir resumed>) = 0 [pid 6574] +++ exited with 0 +++ [pid 5069] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6577] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6574, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=25 /* 0.25 s */} --- [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6578] munmap(0x7f716ab16000, 138412032 [pid 5069] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", [pid 5070] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(4, [pid 5070] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6578] <... munmap resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] newfstatat(3, "", [pid 5069] getdents64(4, [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] <... close resumed>) = 0 [pid 5070] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./14/bus") = 0 [pid 5069] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 105.583630][ T6577] loop1: detected capacity change from 0 to 32768 [ 105.614544][ T6577] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6577) [pid 6578] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5069] unlink("./14/binderfs" [pid 6578] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... unlink resumed>) = 0 [pid 5069] getdents64(3, [pid 6578] <... ioctl resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./14" [pid 6578] close(3) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5069] mkdir("./15", 0777 [pid 6578] mkdir("./bus", 0777) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 6578] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 105.642747][ T6578] loop3: detected capacity change from 0 to 32768 [ 105.660972][ T6577] _btrfs_printk: 52 callbacks suppressed [ 105.660983][ T6577] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6579] <... write resumed>) = 16777216 [pid 5069] <... openat resumed>) = 3 [pid 6579] munmap(0x7f716ab16000, 138412032 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6612 attached , child_tidptr=0x555556d0c650) = 6612 [ 105.690830][ T6578] BTRFS: device /dev/loop3 using temp-fsid 3d3040c8-5ada-4021-901e-eac632bb5985 [ 105.699911][ T6578] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6578) [ 105.714821][ T6577] BTRFS info (device loop1): enabling auto defrag [ 105.731256][ T6577] BTRFS info (device loop1): enabling disk space caching [pid 6612] set_robust_list(0x555556d0c660, 24) = 0 [pid 6612] chdir("./15") = 0 [pid 6612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6579] <... munmap resumed>) = 0 [pid 6579] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 105.752040][ T6577] BTRFS info (device loop1): max_inline at 0 [ 105.769083][ T6577] BTRFS info (device loop1): force clearing of disk cache [ 105.784594][ T6578] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 105.793580][ T6577] BTRFS info (device loop1): turning on sync discard [pid 6612] setpgid(0, 0) = 0 [pid 6580] <... write resumed>) = 16777216 [pid 6579] <... openat resumed>) = 4 [pid 6579] ioctl(4, LOOP_SET_FD, 3 [pid 6612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6580] munmap(0x7f716ab16000, 138412032 [pid 6612] <... openat resumed>) = 3 [pid 6612] write(3, "1000", 4) = 4 [pid 6580] <... munmap resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 6612] close(3 [pid 6580] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6579] <... ioctl resumed>) = 0 [pid 5070] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6612] <... close resumed>) = 0 [pid 6580] <... openat resumed>) = 4 [pid 6579] close(3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6612] symlink("/dev/binderfs", "./binderfs" [pid 6580] ioctl(4, LOOP_SET_FD, 3 [pid 6579] <... close resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 105.793610][ T6577] BTRFS info (device loop1): disk space caching is enabled [ 105.813397][ T6579] loop2: detected capacity change from 0 to 32768 [ 105.833970][ T6578] BTRFS info (device loop3): enabling auto defrag [pid 6579] mkdir("./bus", 0777 [pid 6612] <... symlink resumed>) = 0 [pid 6579] <... mkdir resumed>) = 0 [pid 5070] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6612] memfd_create("syzkaller", 0 [pid 6579] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", [pid 6612] <... memfd_create resumed>) = 3 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, [pid 6612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6580] <... ioctl resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 6612] <... mmap resumed>) = 0x7f716ab16000 [pid 6580] close(3 [pid 5070] getdents64(4, [pid 6580] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6580] mkdir("./bus", 0777) = 0 [pid 6580] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5070] close(4) = 0 [pid 5070] rmdir("./14/bus") = 0 [pid 5070] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 105.852845][ T6580] loop0: detected capacity change from 0 to 32768 [ 105.853265][ T6578] BTRFS info (device loop3): enabling disk space caching [ 105.869693][ T6579] BTRFS: device /dev/loop2 using temp-fsid 57a8b6c0-860f-4188-9bfd-b7ae10c96fb8 [ 105.881123][ T6578] BTRFS info (device loop3): max_inline at 0 [pid 5070] unlink("./14/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./14") = 0 [pid 5070] mkdir("./15", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6632 ./strace-static-x86_64: Process 6632 attached [pid 6632] set_robust_list(0x555556d0c660, 24) = 0 [pid 6632] chdir("./15") = 0 [pid 6632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 105.911084][ T6578] BTRFS info (device loop3): force clearing of disk cache [ 105.918359][ T6578] BTRFS info (device loop3): turning on sync discard [ 105.920930][ T6579] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6579) [ 105.925319][ T6578] BTRFS info (device loop3): disk space caching is enabled [pid 6632] setpgid(0, 0) = 0 [pid 6632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6632] write(3, "1000", 4) = 4 [pid 6632] close(3) = 0 [pid 6632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6632] memfd_create("syzkaller", 0) = 3 [pid 6632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 105.986437][ T6579] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 106.002148][ T6580] BTRFS: device /dev/loop0 using temp-fsid 67693e66-9b16-487d-92ea-c34c6ee374a4 [ 106.013487][ T6580] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6580) [ 106.026344][ T6579] BTRFS info (device loop2): enabling auto defrag [ 106.054035][ T6579] BTRFS info (device loop2): enabling disk space caching [ 106.063932][ T6580] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 106.070582][ T6579] BTRFS info (device loop2): max_inline at 0 [ 106.079753][ T6579] BTRFS info (device loop2): force clearing of disk cache [ 106.080314][ T6580] BTRFS info (device loop0): enabling auto defrag [ 106.098522][ T6579] BTRFS info (device loop2): turning on sync discard [ 106.098619][ T6577] BTRFS info (device loop1): enabling ssd optimizations [ 106.110597][ T6579] BTRFS info (device loop2): disk space caching is enabled [ 106.131637][ T6578] BTRFS info (device loop3): enabling ssd optimizations [ 106.140473][ T6577] BTRFS info (device loop1): rebuilding free space tree [ 106.148288][ T6580] BTRFS info (device loop0): enabling disk space caching [ 106.150738][ T6578] BTRFS info (device loop3): rebuilding free space tree [ 106.171534][ T6578] BTRFS info (device loop3): disabling free space tree [ 106.178451][ T6578] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 106.191073][ T6580] BTRFS info (device loop0): max_inline at 0 [ 106.197069][ T6580] BTRFS info (device loop0): force clearing of disk cache [pid 6612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6578] <... mount resumed>) = 0 [pid 6578] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6578] chdir("./bus") = 0 [pid 6578] ioctl(4, LOOP_CLR_FD) = 0 [ 106.204762][ T6580] BTRFS info (device loop0): turning on sync discard [ 106.211496][ T6580] BTRFS info (device loop0): disk space caching is enabled [ 106.219435][ T6578] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 106.221416][ T6577] BTRFS info (device loop1): disabling free space tree [pid 6578] close(4) = 0 [pid 6578] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 106.267481][ T6579] BTRFS info (device loop2): enabling ssd optimizations [ 106.282679][ T6577] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6578] pwrite64(4, "2", 1, 55022) = 1 [pid 6578] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6578] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6578] ftruncate(5, 43006) = 0 [ 106.312457][ T6579] BTRFS info (device loop2): rebuilding free space tree [ 106.341688][ T6577] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6578] exit_group(0) = ? [pid 6578] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6578, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=41 /* 0.41 s */} --- [pid 5068] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 106.391776][ T6580] BTRFS info (device loop0): enabling ssd optimizations [ 106.400814][ T6579] BTRFS info (device loop2): disabling free space tree [ 106.407800][ T6579] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5068] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6577] <... mount resumed>) = 0 [pid 6577] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6612] <... write resumed>) = 16777216 [pid 6577] chdir("./bus" [pid 6612] munmap(0x7f716ab16000, 138412032 [pid 6577] <... chdir resumed>) = 0 [pid 6612] <... munmap resumed>) = 0 [ 106.452474][ T6580] BTRFS info (device loop0): rebuilding free space tree [ 106.492246][ T6579] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6577] ioctl(4, LOOP_CLR_FD [pid 6612] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6577] <... ioctl resumed>) = 0 [pid 6577] close(4 [pid 6612] <... openat resumed>) = 4 [pid 6577] <... close resumed>) = 0 [pid 6612] ioctl(4, LOOP_SET_FD, 3 [pid 6577] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6612] <... ioctl resumed>) = 0 [pid 6577] pwrite64(4, "2", 1, 55022 [pid 6612] close(3) = 0 [ 106.527524][ T6580] BTRFS info (device loop0): disabling free space tree [ 106.544010][ T6612] loop4: detected capacity change from 0 to 32768 [pid 6612] mkdir("./bus", 0777) = 0 [pid 6577] <... pwrite64 resumed>) = 1 [pid 6577] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6612] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6577] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 106.578040][ T6580] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 106.602235][ T6612] BTRFS: device /dev/loop4 using temp-fsid 9f9c105e-5f00-4837-ab51-3a279adc59e1 [pid 6577] ftruncate(5, 43006 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./14/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6577] <... ftruncate resumed>) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./14/bus" [pid 6577] exit_group(0 [pid 5068] <... rmdir resumed>) = 0 [pid 6579] <... mount resumed>) = 0 [pid 6579] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6577] <... exit_group resumed>) = ? [pid 5068] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6579] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6579] chdir("./bus" [pid 5068] newfstatat(AT_FDCWD, "./14/binderfs", [pid 6579] <... chdir resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6579] ioctl(4, LOOP_CLR_FD [pid 5068] unlink("./14/binderfs" [pid 6579] <... ioctl resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 6579] close(4) = 0 [pid 6577] +++ exited with 0 +++ [pid 5068] getdents64(3, [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6577, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 6579] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... close resumed>) = 0 [pid 5068] rmdir("./14") = 0 [pid 6579] <... open resumed>) = 4 [pid 5066] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] mkdir("./15", 0777) = 0 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6579] pwrite64(4, "2", 1, 55022 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6676 attached [pid 6676] set_robust_list(0x555556d0c660, 24 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 6676 [pid 6676] <... set_robust_list resumed>) = 0 [pid 6676] chdir("./15") = 0 [ 106.630794][ T6580] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 106.648725][ T6612] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6612) [pid 6676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6676] setpgid(0, 0) = 0 [pid 6580] <... mount resumed>) = 0 [pid 6676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6580] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6676] <... openat resumed>) = 3 [pid 6580] <... openat resumed>) = 3 [pid 6676] write(3, "1000", 4 [pid 6580] chdir("./bus" [pid 6676] <... write resumed>) = 4 [pid 6676] close(3 [pid 6580] <... chdir resumed>) = 0 [pid 6580] ioctl(4, LOOP_CLR_FD [pid 6676] <... close resumed>) = 0 [pid 6676] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6676] memfd_create("syzkaller", 0) = 3 [pid 6676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6580] <... ioctl resumed>) = 0 [pid 6579] <... pwrite64 resumed>) = 1 [pid 6579] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6579] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6580] close(4 [pid 6579] <... write resumed>) = 65191 [pid 6580] <... close resumed>) = 0 [pid 6580] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6580] pwrite64(4, "2", 1, 55022 [pid 6579] ftruncate(5, 43006) = 0 [pid 6579] exit_group(0) = ? [pid 6579] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6579, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=36 /* 0.36 s */} --- [ 106.727707][ T6612] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [pid 5067] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5067] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6580] <... pwrite64 resumed>) = 1 [pid 5067] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6580] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5067] <... openat resumed>) = 3 [pid 6580] <... openat resumed>) = 5 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6580] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5067] getdents64(3, [pid 6580] <... write resumed>) = 65191 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 106.789713][ T6612] BTRFS info (device loop4): enabling auto defrag [ 106.822306][ T6612] BTRFS info (device loop4): enabling disk space caching [pid 6580] ftruncate(5, 43006 [pid 5067] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6632] <... write resumed>) = 16777216 [pid 6580] <... ftruncate resumed>) = 0 [pid 6632] munmap(0x7f716ab16000, 138412032 [pid 6580] exit_group(0) = ? [pid 6580] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6580, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=32 /* 0.32 s */} --- [ 106.871289][ T6612] BTRFS info (device loop4): max_inline at 0 [ 106.888544][ T6612] BTRFS info (device loop4): force clearing of disk cache [pid 5065] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, [pid 6632] <... munmap resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6632] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] <... umount2 resumed>) = 0 [pid 5065] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6632] <... openat resumed>) = 4 [pid 5066] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6632] ioctl(4, LOOP_SET_FD, 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6632] <... ioctl resumed>) = 0 [pid 6632] close(3) = 0 [pid 6632] mkdir("./bus", 0777) = 0 [ 106.962861][ T6612] BTRFS info (device loop4): turning on sync discard [ 106.969735][ T6612] BTRFS info (device loop4): disk space caching is enabled [ 107.001161][ T6632] loop5: detected capacity change from 0 to 32768 [pid 6632] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5066] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./15/bus") = 0 [ 107.036822][ T6632] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6632) [pid 5066] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./15/bus", [pid 5066] unlink("./15/binderfs" [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] <... unlink resumed>) = 0 [pid 5067] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] getdents64(3, [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] close(3) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5066] rmdir("./15" [pid 5067] newfstatat(4, "", [pid 5066] <... rmdir resumed>) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] mkdir("./16", 0777 [pid 5067] getdents64(4, [pid 5066] <... mkdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5067] close(4 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./15/bus") = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 6690 [pid 5067] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6690 attached [pid 6690] set_robust_list(0x555556d0c660, 24) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6690] chdir("./16" [pid 5067] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./15/binderfs" [pid 6690] <... chdir resumed>) = 0 [pid 6690] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... unlink resumed>) = 0 [pid 6690] <... prctl resumed>) = 0 [pid 5067] getdents64(3, [pid 6690] setpgid(0, 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 6690] <... setpgid resumed>) = 0 [pid 6690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./15" [pid 6690] write(3, "1000", 4 [pid 5067] <... rmdir resumed>) = 0 [pid 6690] <... write resumed>) = 4 [pid 6690] close(3) = 0 [pid 5067] mkdir("./16", 0777 [pid 5065] <... umount2 resumed>) = 0 [pid 6690] symlink("/dev/binderfs", "./binderfs" [pid 5065] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6690] <... symlink resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6690] memfd_create("syzkaller", 0 [pid 5065] newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6690] <... memfd_create resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... mkdir resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6690] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] close(4 [pid 6690] <... mmap resumed>) = 0x7f716ab16000 [pid 5065] <... close resumed>) = 0 [ 107.171754][ T6632] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 107.180444][ T6632] BTRFS info (device loop5): enabling auto defrag [ 107.210573][ T6632] BTRFS info (device loop5): enabling disk space caching [pid 5065] rmdir("./15/bus") = 0 [pid 5065] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./15/binderfs") = 0 [pid 5065] getdents64(3, [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 6676] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5065] <... close resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5065] rmdir("./15") = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5065] mkdir("./16", 0777) = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3 [pid 5067] close(3 [pid 5065] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6694 attached [pid 5067] <... close resumed>) = 0 [pid 6694] set_robust_list(0x555556d0c660, 24) = 0 [pid 6694] chdir("./16" [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6694] <... chdir resumed>) = 0 [pid 6694] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6694] setpgid(0, 0) = 0 [pid 6694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6696 [pid 6694] write(3, "1000", 4) = 4 [pid 6694] close(3./strace-static-x86_64: Process 6696 attached ) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 6694 [pid 6696] set_robust_list(0x555556d0c660, 24 [pid 6694] symlink("/dev/binderfs", "./binderfs" [pid 6696] <... set_robust_list resumed>) = 0 [pid 6694] <... symlink resumed>) = 0 [pid 6694] memfd_create("syzkaller", 0 [pid 6696] chdir("./16" [pid 6694] <... memfd_create resumed>) = 3 [ 107.226908][ T6632] BTRFS info (device loop5): max_inline at 0 [ 107.236222][ T6632] BTRFS info (device loop5): force clearing of disk cache [ 107.246966][ T6632] BTRFS info (device loop5): turning on sync discard [ 107.254762][ T6632] BTRFS info (device loop5): disk space caching is enabled [pid 6694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6696] <... chdir resumed>) = 0 [pid 6696] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6696] setpgid(0, 0) = 0 [pid 6696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6696] write(3, "1000", 4) = 4 [pid 6696] close(3) = 0 [pid 6696] symlink("/dev/binderfs", "./binderfs") = 0 [ 107.321293][ T6612] BTRFS info (device loop4): enabling ssd optimizations [pid 6696] memfd_create("syzkaller", 0) = 3 [pid 6696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 107.392742][ T6612] BTRFS info (device loop4): rebuilding free space tree [ 107.480392][ T6612] BTRFS info (device loop4): disabling free space tree [ 107.507308][ T6612] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 107.525402][ T6632] BTRFS info (device loop5): enabling ssd optimizations [ 107.537368][ T6612] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6612] <... mount resumed>) = 0 [pid 6612] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6612] chdir("./bus") = 0 [pid 6612] ioctl(4, LOOP_CLR_FD) = 0 [ 107.581856][ T6632] BTRFS info (device loop5): rebuilding free space tree [pid 6612] close(4) = 0 [pid 6612] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 107.651855][ T6632] BTRFS info (device loop5): disabling free space tree [ 107.668659][ T6632] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6612] pwrite64(4, "2", 1, 55022) = 1 [pid 6612] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6612] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6612] ftruncate(5, 43006) = 0 [pid 6612] exit_group(0) = ? [pid 6612] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6612, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=32 /* 0.32 s */} --- [pid 5069] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6694] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 107.700711][ T6632] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6690] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6696] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6632] <... mount resumed>) = 0 [pid 6632] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5069] <... umount2 resumed>) = 0 [pid 6632] chdir("./bus") = 0 [pid 5069] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6632] ioctl(4, LOOP_CLR_FD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6632] <... ioctl resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./15/bus", [pid 6632] close(4 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6632] <... close resumed>) = 0 [pid 5069] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6632] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6632] <... open resumed>) = 4 [pid 5069] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6632] pwrite64(4, "2", 1, 55022 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 6676] <... write resumed>) = 16777216 [pid 6632] <... pwrite64 resumed>) = 1 [pid 5069] rmdir("./15/bus") = 0 [pid 6676] munmap(0x7f716ab16000, 138412032 [pid 6632] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5069] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./15/binderfs", [pid 6632] <... openat resumed>) = 5 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./15/binderfs") = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 6676] <... munmap resumed>) = 0 [pid 6632] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5069] rmdir("./15" [pid 6632] <... write resumed>) = 65191 [pid 5069] <... rmdir resumed>) = 0 [pid 6632] ftruncate(5, 43006 [pid 6676] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] mkdir("./16", 0777) = 0 [pid 6676] <... openat resumed>) = 4 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6676] ioctl(4, LOOP_SET_FD, 3 [pid 6632] <... ftruncate resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 6676] <... ioctl resumed>) = 0 [pid 6632] exit_group(0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 6676] close(3 [pid 6632] <... exit_group resumed>) = ? [pid 6676] <... close resumed>) = 0 [pid 5069] <... ioctl resumed>) = 0 [pid 6632] +++ exited with 0 +++ [pid 6676] mkdir("./bus", 0777 [pid 5069] close(3 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6632, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5070] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6676] <... mkdir resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6676] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 6715 ./strace-static-x86_64: Process 6715 attached [pid 6715] set_robust_list(0x555556d0c660, 24) = 0 [pid 6715] chdir("./16") = 0 [pid 6715] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6715] setpgid(0, 0) = 0 [pid 6715] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6715] write(3, "1000", 4) = 4 [pid 6715] close(3) = 0 [ 108.040182][ T6676] loop3: detected capacity change from 0 to 32768 [ 108.075913][ T6676] BTRFS: device /dev/loop3 using temp-fsid 19c7e6e9-7c20-41c0-b79b-b0f734b33af8 [pid 6715] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6715] memfd_create("syzkaller", 0) = 3 [pid 6715] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 108.120596][ T6676] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6676) [ 108.260691][ T6676] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 108.269252][ T6676] BTRFS info (device loop3): enabling auto defrag [pid 6694] <... write resumed>) = 16777216 [ 108.301930][ T6676] BTRFS info (device loop3): enabling disk space caching [pid 6694] munmap(0x7f716ab16000, 138412032 [pid 6690] <... write resumed>) = 16777216 [pid 6690] munmap(0x7f716ab16000, 138412032 [pid 6694] <... munmap resumed>) = 0 [pid 6690] <... munmap resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [ 108.344080][ T6676] BTRFS info (device loop3): max_inline at 0 [ 108.372713][ T6676] BTRFS info (device loop3): force clearing of disk cache [pid 6694] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6690] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5070] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4 [pid 6694] <... openat resumed>) = 4 [pid 6690] <... openat resumed>) = 4 [pid 5070] <... close resumed>) = 0 [pid 5070] rmdir("./15/bus") = 0 [pid 5070] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6694] ioctl(4, LOOP_SET_FD, 3 [pid 6690] ioctl(4, LOOP_SET_FD, 3 [pid 5070] unlink("./15/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./15") = 0 [pid 6690] <... ioctl resumed>) = 0 [pid 5070] mkdir("./16", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6715] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6696] <... write resumed>) = 16777216 [pid 6694] <... ioctl resumed>) = 0 [pid 6690] close(3 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 6716 [pid 6694] close(3 [pid 6690] <... close resumed>) = 0 [ 108.405130][ T6676] BTRFS info (device loop3): turning on sync discard [ 108.421323][ T6690] loop1: detected capacity change from 0 to 32768 [ 108.427985][ T6694] loop0: detected capacity change from 0 to 32768 [ 108.439468][ T6676] BTRFS info (device loop3): disk space caching is enabled [pid 6690] mkdir("./bus", 0777 [pid 6694] <... close resumed>) = 0 ./strace-static-x86_64: Process 6716 attached [pid 6694] mkdir("./bus", 0777 [pid 6716] set_robust_list(0x555556d0c660, 24) = 0 [pid 6716] chdir("./16") = 0 [pid 6694] <... mkdir resumed>) = 0 [pid 6716] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6690] <... mkdir resumed>) = 0 [pid 6716] setpgid(0, 0 [pid 6690] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6694] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6716] <... setpgid resumed>) = 0 [pid 6716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6716] write(3, "1000", 4 [pid 6696] munmap(0x7f716ab16000, 138412032 [pid 6716] <... write resumed>) = 4 [pid 6716] close(3) = 0 [pid 6716] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6696] <... munmap resumed>) = 0 [pid 6716] memfd_create("syzkaller", 0) = 3 [pid 6716] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6696] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 108.456631][ T6694] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6694) [ 108.495210][ T6696] loop2: detected capacity change from 0 to 32768 [pid 6696] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6696] close(3) = 0 [pid 6696] mkdir("./bus", 0777) = 0 [ 108.523305][ T6690] BTRFS: device /dev/loop1 using temp-fsid 7dc74d07-6c35-4c48-a068-35892552d9c2 [ 108.532508][ T6690] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6690) [ 108.535322][ T6694] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 108.565661][ T6690] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 108.567446][ T6696] BTRFS: device /dev/loop2 using temp-fsid 29c6a114-43aa-499a-9dc3-010094560a25 [ 108.580555][ T6690] BTRFS info (device loop1): enabling auto defrag [ 108.591269][ T6690] BTRFS info (device loop1): enabling disk space caching [ 108.610660][ T6690] BTRFS info (device loop1): max_inline at 0 [ 108.616746][ T6690] BTRFS info (device loop1): force clearing of disk cache [ 108.640632][ T6690] BTRFS info (device loop1): turning on sync discard [ 108.646974][ T6694] BTRFS info (device loop0): enabling auto defrag [ 108.654591][ T6690] BTRFS info (device loop1): disk space caching is enabled [ 108.670615][ T6696] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6696) [ 108.690649][ T6694] BTRFS info (device loop0): enabling disk space caching [ 108.692986][ T6696] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 108.710701][ T6694] BTRFS info (device loop0): max_inline at 0 [ 108.716725][ T6694] BTRFS info (device loop0): force clearing of disk cache [pid 6696] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6715] <... write resumed>) = 16777216 [ 108.768781][ T6676] BTRFS info (device loop3): enabling ssd optimizations [ 108.781013][ T6690] BTRFS info (device loop1): enabling ssd optimizations [ 108.790479][ T6696] BTRFS info (device loop2): enabling auto defrag [ 108.797877][ T6696] BTRFS info (device loop2): enabling disk space caching [ 108.805128][ T6696] BTRFS info (device loop2): max_inline at 0 [ 108.810979][ T6694] BTRFS info (device loop0): turning on sync discard [pid 6715] munmap(0x7f716ab16000, 138412032) = 0 [pid 6715] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6716] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6715] <... openat resumed>) = 4 [pid 6715] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6715] close(3) = 0 [pid 6715] mkdir("./bus", 0777) = 0 [ 108.816354][ T6696] BTRFS info (device loop2): force clearing of disk cache [ 108.826586][ T6676] BTRFS info (device loop3): rebuilding free space tree [ 108.839903][ T6715] loop4: detected capacity change from 0 to 32768 [ 108.858524][ T6715] BTRFS: device /dev/loop4 using temp-fsid e528fd3e-1ffd-4e95-bdf4-12316bfae816 [pid 6715] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6690] <... mount resumed>) = 0 [pid 6690] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6690] chdir("./bus") = 0 [pid 6690] ioctl(4, LOOP_CLR_FD) = 0 [pid 6690] close(4) = 0 [pid 6690] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6690] pwrite64(4, "2", 1, 55022 [pid 6676] <... mount resumed>) = 0 [pid 6676] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6676] chdir("./bus") = 0 [ 108.883880][ T6715] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6715) [pid 6690] <... pwrite64 resumed>) = 1 [pid 6676] ioctl(4, LOOP_CLR_FD [pid 6690] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6676] <... ioctl resumed>) = 0 [pid 6690] <... openat resumed>) = 5 [pid 6676] close(4 [pid 6690] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6676] <... close resumed>) = 0 [pid 6676] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6690] <... write resumed>) = 65191 [pid 6690] ftruncate(5, 43006 [pid 6676] pwrite64(4, "2", 1, 55022 [pid 6690] <... ftruncate resumed>) = 0 [pid 6690] exit_group(0) = ? [pid 6690] +++ exited with 0 +++ [pid 6676] <... pwrite64 resumed>) = 1 [pid 6676] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6690, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=31 /* 0.31 s */} --- [pid 6676] <... openat resumed>) = 5 [pid 5066] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6676] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5066] <... openat resumed>) = 3 [pid 5066] newfstatat(3, "", [pid 6676] <... write resumed>) = 65191 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6676] ftruncate(5, 43006 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6676] <... ftruncate resumed>) = 0 [pid 6676] exit_group(0) = ? [pid 6676] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6676, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=34 /* 0.34 s */} --- [pid 5068] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6694] <... mount resumed>) = 0 [pid 6694] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6694] chdir("./bus") = 0 [pid 6694] ioctl(4, LOOP_CLR_FD) = 0 [pid 6694] close(4) = 0 [pid 6694] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6715] <... mount resumed>) = 0 [pid 6694] <... open resumed>) = 4 [pid 6715] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6694] pwrite64(4, "2", 1, 55022 [pid 6715] chdir("./bus") = 0 [pid 6715] ioctl(4, LOOP_CLR_FD) = 0 [pid 6715] close(4) = 0 [pid 6715] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6694] <... pwrite64 resumed>) = 1 [pid 6694] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6715] <... open resumed>) = 4 [pid 6694] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6715] pwrite64(4, "2", 1, 55022 [pid 6694] <... write resumed>) = 65191 [pid 6694] ftruncate(5, 43006 [pid 6696] <... mount resumed>) = 0 [pid 6696] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6696] chdir("./bus" [pid 6694] <... ftruncate resumed>) = 0 [pid 6696] <... chdir resumed>) = 0 [pid 6715] <... pwrite64 resumed>) = 1 [pid 6696] ioctl(4, LOOP_CLR_FD [pid 6694] exit_group(0 [pid 6715] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6696] <... ioctl resumed>) = 0 [pid 6694] <... exit_group resumed>) = ? [pid 6715] <... openat resumed>) = 5 [pid 6715] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6696] close(4 [pid 6715] <... write resumed>) = 65191 [pid 6696] <... close resumed>) = 0 [pid 6694] +++ exited with 0 +++ [pid 6696] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6694, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=33 /* 0.33 s */} --- [pid 6696] <... open resumed>) = 4 [pid 6715] ftruncate(5, 43006) = 0 [pid 6696] pwrite64(4, "2", 1, 55022 [pid 5065] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6716] <... write resumed>) = 16777216 [pid 6715] exit_group(0 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6696] <... pwrite64 resumed>) = 1 [pid 6696] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6696] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6716] munmap(0x7f716ab16000, 138412032 [pid 6715] <... exit_group resumed>) = ? [pid 6696] ftruncate(5, 43006 [pid 6715] +++ exited with 0 +++ [pid 6696] <... ftruncate resumed>) = 0 [pid 6696] exit_group(0 [pid 6716] <... munmap resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6715, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=27 /* 0.27 s */} --- [pid 5069] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6696] <... exit_group resumed>) = ? [pid 5069] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6696] +++ exited with 0 +++ [pid 5069] <... openat resumed>) = 3 [pid 5069] newfstatat(3, "", [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6696, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=28 /* 0.28 s */} --- [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, [pid 6716] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6716] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./16/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./16/bus") = 0 [pid 5066] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./16/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./16") = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5066] mkdir("./17", 0777 [pid 5068] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6796 attached [pid 5068] newfstatat(AT_FDCWD, "./15/bus", [pid 6796] set_robust_list(0x555556d0c660, 24 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 6796 [pid 5068] umount2("./15/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6796] <... set_robust_list resumed>) = 0 [ 109.345046][ T6716] loop5: detected capacity change from 0 to 32768 [pid 6796] chdir("./17" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6796] <... chdir resumed>) = 0 [pid 6796] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6716] <... ioctl resumed>) = 0 [pid 6796] <... prctl resumed>) = 0 [pid 6716] close(3 [pid 5068] <... openat resumed>) = 4 [pid 6716] <... close resumed>) = 0 [pid 6716] mkdir("./bus", 0777) = 0 [pid 6716] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6796] setpgid(0, 0 [pid 5068] newfstatat(4, "", [pid 6796] <... setpgid resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6796] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] getdents64(4, [pid 6796] <... openat resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6796] write(3, "1000", 4 [pid 5068] close(4 [pid 6796] <... write resumed>) = 4 [pid 5068] <... close resumed>) = 0 [pid 6796] close(3 [pid 5068] rmdir("./15/bus" [pid 6796] <... close resumed>) = 0 [pid 6796] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... rmdir resumed>) = 0 [pid 5068] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6796] <... symlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6796] memfd_create("syzkaller", 0 [ 109.408592][ T6716] BTRFS: device /dev/loop5 using temp-fsid 00e3c480-fb0d-4ed5-93fa-3904e1ddae91 [pid 5068] unlink("./15/binderfs" [pid 6796] <... memfd_create resumed>) = 3 [pid 5068] <... unlink resumed>) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6796] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5068] close(3) = 0 [pid 5068] rmdir("./15") = 0 [pid 5068] mkdir("./16", 0777) = 0 [ 109.463783][ T6716] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6716) [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6799 attached , child_tidptr=0x555556d0c650) = 6799 [pid 6799] set_robust_list(0x555556d0c660, 24) = 0 [pid 6799] chdir("./16") = 0 [pid 6799] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6799] setpgid(0, 0) = 0 [pid 6799] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./16/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6799] write(3, "1000", 4) = 4 [pid 6799] close(3 [pid 5069] openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6799] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 6799] symlink("/dev/binderfs", "./binderfs" [pid 5069] newfstatat(4, "", [pid 6799] <... symlink resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6799] memfd_create("syzkaller", 0 [pid 5069] getdents64(4, [pid 5065] <... umount2 resumed>) = 0 [pid 6799] <... memfd_create resumed>) = 3 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] newfstatat(AT_FDCWD, "./16/bus", [pid 5069] close(4) = 0 [pid 5069] rmdir("./16/bus" [pid 6799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... rmdir resumed>) = 0 [pid 6799] <... mmap resumed>) = 0x7f716ab16000 [pid 5069] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] newfstatat(AT_FDCWD, "./16/bus", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] unlink("./16/binderfs" [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... unlink resumed>) = 0 [pid 5067] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 4 [pid 5069] getdents64(3, [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] newfstatat(4, "", [pid 5069] close(3 [pid 5067] <... openat resumed>) = 4 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... close resumed>) = 0 [pid 5067] newfstatat(4, "", [pid 5065] getdents64(4, [pid 5069] rmdir("./16" [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] <... rmdir resumed>) = 0 [pid 5067] getdents64(4, [pid 5065] getdents64(4, [pid 5069] mkdir("./17", 0777 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] close(4 [pid 5069] <... mkdir resumed>) = 0 [pid 5067] getdents64(4, [pid 5065] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] rmdir("./16/bus" [pid 5067] close(4 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5067] rmdir("./16/bus" [pid 5065] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] <... rmdir resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] close(3 [pid 5067] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5069] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5065] unlink("./16/binderfs" [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6812 attached [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 6812 [pid 5067] unlink("./16/binderfs" [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 6812] set_robust_list(0x555556d0c660, 24 [pid 5067] <... unlink resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 6812] <... set_robust_list resumed>) = 0 [pid 5067] getdents64(3, [pid 5065] rmdir("./16") = 0 [pid 5065] mkdir("./17", 0777) = 0 [pid 6812] chdir("./17" [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] close(3 [pid 5065] <... openat resumed>) = 3 [pid 6812] <... chdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6812] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] rmdir("./16" [pid 5065] <... ioctl resumed>) = 0 [pid 6812] <... prctl resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5065] close(3 [pid 6812] setpgid(0, 0 [pid 5067] mkdir("./17", 0777 [pid 5065] <... close resumed>) = 0 [pid 6812] <... setpgid resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6812] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6814 attached [pid 6814] set_robust_list(0x555556d0c660, 24 [pid 6812] <... openat resumed>) = 3 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 6814 [pid 6814] <... set_robust_list resumed>) = 0 [pid 6814] chdir("./17" [pid 6812] write(3, "1000", 4 [pid 5067] <... openat resumed>) = 3 [pid 6814] <... chdir resumed>) = 0 [pid 6812] <... write resumed>) = 4 [pid 6796] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 6812] close(3 [pid 5067] <... ioctl resumed>) = 0 [pid 6814] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6812] <... close resumed>) = 0 [pid 6814] <... prctl resumed>) = 0 [pid 6812] symlink("/dev/binderfs", "./binderfs" [pid 5067] close(3 [pid 6814] setpgid(0, 0 [pid 6812] <... symlink resumed>) = 0 [pid 6814] <... setpgid resumed>) = 0 [pid 6814] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6812] memfd_create("syzkaller", 0 [pid 5067] <... close resumed>) = 0 [pid 6812] <... memfd_create resumed>) = 3 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6814] <... openat resumed>) = 3 [pid 6812] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6816 attached [pid 6814] write(3, "1000", 4 [pid 6816] set_robust_list(0x555556d0c660, 24 [pid 6814] <... write resumed>) = 4 [pid 6816] <... set_robust_list resumed>) = 0 [pid 6814] close(3 [pid 6812] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6816 [pid 6814] <... close resumed>) = 0 [pid 6816] chdir("./17" [pid 6814] symlink("/dev/binderfs", "./binderfs" [pid 6816] <... chdir resumed>) = 0 [pid 6814] <... symlink resumed>) = 0 [pid 6814] memfd_create("syzkaller", 0) = 3 [pid 6816] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6816] <... prctl resumed>) = 0 [pid 6814] <... mmap resumed>) = 0x7f716ab16000 [pid 6816] setpgid(0, 0) = 0 [pid 6816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6816] write(3, "1000", 4 [pid 6716] <... mount resumed>) = 0 [pid 6716] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6716] chdir("./bus") = 0 [pid 6716] ioctl(4, LOOP_CLR_FD) = 0 [pid 6716] close(4 [pid 6816] <... write resumed>) = 4 [pid 6716] <... close resumed>) = 0 [pid 6816] close(3 [pid 6716] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6816] <... close resumed>) = 0 [pid 6816] symlink("/dev/binderfs", "./binderfs" [pid 6716] <... open resumed>) = 4 [pid 6816] <... symlink resumed>) = 0 [pid 6816] memfd_create("syzkaller", 0) = 3 [pid 6816] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6716] pwrite64(4, "2", 1, 55022) = 1 [pid 6716] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6716] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6716] ftruncate(5, 43006) = 0 [pid 6716] exit_group(0) = ? [pid 6716] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6716, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=28 /* 0.28 s */} --- [pid 5070] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6799] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6814] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6812] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6796] <... write resumed>) = 16777216 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6796] munmap(0x7f716ab16000, 138412032) = 0 [pid 6816] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] newfstatat(AT_FDCWD, "./16/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", [pid 6796] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6796] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6796] <... ioctl resumed>) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./16/bus") = 0 [pid 6796] close(3) = 0 [pid 6796] mkdir("./bus", 0777) = 0 [pid 5070] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6796] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5070] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./16/binderfs") = 0 [ 110.501956][ T6796] loop1: detected capacity change from 0 to 32768 [ 110.539509][ T6796] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6796) [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./16") = 0 [pid 5070] mkdir("./17", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6819 attached [pid 6819] set_robust_list(0x555556d0c660, 24) = 0 [pid 6819] chdir("./17") = 0 [pid 6819] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6819] setpgid(0, 0) = 0 [pid 6819] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 6819 [pid 6819] <... openat resumed>) = 3 [pid 6819] write(3, "1000", 4) = 4 [pid 6819] close(3) = 0 [pid 6819] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6819] memfd_create("syzkaller", 0) = 3 [pid 6819] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6814] <... write resumed>) = 16777216 [pid 6799] <... write resumed>) = 16777216 [pid 6814] munmap(0x7f716ab16000, 138412032 [pid 6799] munmap(0x7f716ab16000, 138412032 [pid 6814] <... munmap resumed>) = 0 [pid 6814] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6799] <... munmap resumed>) = 0 [ 110.895387][ T6796] _btrfs_printk: 51 callbacks suppressed [ 110.895403][ T6796] BTRFS info (device loop1): enabling ssd optimizations [pid 6814] <... openat resumed>) = 4 [pid 6799] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6814] ioctl(4, LOOP_SET_FD, 3 [pid 6799] <... openat resumed>) = 4 [pid 6799] ioctl(4, LOOP_SET_FD, 3 [pid 6814] <... ioctl resumed>) = 0 [pid 6799] <... ioctl resumed>) = 0 [pid 6814] close(3 [pid 6799] close(3 [pid 6814] <... close resumed>) = 0 [pid 6799] <... close resumed>) = 0 [pid 6814] mkdir("./bus", 0777 [pid 6799] mkdir("./bus", 0777 [pid 6814] <... mkdir resumed>) = 0 [pid 6814] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6799] <... mkdir resumed>) = 0 [ 110.949926][ T6796] BTRFS info (device loop1): rebuilding free space tree [ 110.958428][ T6814] loop0: detected capacity change from 0 to 32768 [ 110.965609][ T6799] loop3: detected capacity change from 0 to 32768 [pid 6799] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6819] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6812] <... write resumed>) = 16777216 [ 111.003148][ T6796] BTRFS info (device loop1): disabling free space tree [ 111.004728][ T6814] BTRFS: device /dev/loop0 using temp-fsid 2b533ca8-d9bb-4649-8733-074dbbb21316 [ 111.020747][ T6796] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 111.031221][ T6796] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 6812] munmap(0x7f716ab16000, 138412032) = 0 [pid 6816] <... write resumed>) = 16777216 [pid 6816] munmap(0x7f716ab16000, 138412032 [pid 6812] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6812] ioctl(4, LOOP_SET_FD, 3 [pid 6816] <... munmap resumed>) = 0 [pid 6812] <... ioctl resumed>) = 0 [pid 6812] close(3) = 0 [pid 6812] mkdir("./bus", 0777) = 0 [pid 6812] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6796] <... mount resumed>) = 0 [pid 6796] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6816] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6796] <... openat resumed>) = 3 [pid 6796] chdir("./bus" [pid 6816] <... openat resumed>) = 4 [pid 6816] ioctl(4, LOOP_SET_FD, 3 [pid 6796] <... chdir resumed>) = 0 [pid 6796] ioctl(4, LOOP_CLR_FD) = 0 [ 111.046846][ T6814] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6814) [ 111.063028][ T6812] loop4: detected capacity change from 0 to 32768 [ 111.083427][ T6816] loop2: detected capacity change from 0 to 32768 [ 111.087941][ T6814] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [pid 6796] close(4) = 0 [pid 6816] <... ioctl resumed>) = 0 [pid 6796] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6816] close(3 [pid 6796] <... open resumed>) = 4 [pid 6816] <... close resumed>) = 0 [pid 6816] mkdir("./bus", 0777 [pid 6796] pwrite64(4, "2", 1, 55022 [pid 6816] <... mkdir resumed>) = 0 [pid 6796] <... pwrite64 resumed>) = 1 [pid 6796] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6796] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6796] ftruncate(5, 43006) = 0 [pid 6796] exit_group(0 [pid 6816] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6796] <... exit_group resumed>) = ? [pid 6796] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6796, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} --- [ 111.098738][ T6799] BTRFS: device /dev/loop3 using temp-fsid a2687409-53ca-46bf-b5bc-b3114ef34a16 [ 111.117288][ T6799] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6799) [ 111.123767][ T6814] BTRFS info (device loop0): enabling auto defrag [pid 5066] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 111.148940][ T6812] BTRFS: device /dev/loop4 using temp-fsid 4f66a333-906a-449e-a266-2739b8fbcf20 [ 111.158774][ T6799] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 111.165180][ T6814] BTRFS info (device loop0): enabling disk space caching [ 111.179514][ T6812] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6812) [ 111.192571][ T6799] BTRFS info (device loop3): enabling auto defrag [ 111.193866][ T6814] BTRFS info (device loop0): max_inline at 0 [ 111.199052][ T6799] BTRFS info (device loop3): enabling disk space caching [ 111.213183][ T6814] BTRFS info (device loop0): force clearing of disk cache [ 111.225992][ T6812] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 111.236100][ T6816] BTRFS: device /dev/loop2 using temp-fsid 0c97a342-c5be-423f-9b4f-4e5e9980b57c [ 111.246471][ T6812] BTRFS info (device loop4): enabling auto defrag [ 111.251419][ T6799] BTRFS info (device loop3): max_inline at 0 [ 111.254460][ T6816] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6816) [ 111.262142][ T6799] BTRFS info (device loop3): force clearing of disk cache [pid 5066] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5066] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 111.296429][ T6814] BTRFS info (device loop0): turning on sync discard [ 111.309133][ T6816] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 111.314342][ T6812] BTRFS info (device loop4): enabling disk space caching [ 111.329669][ T6816] BTRFS info (device loop2): enabling auto defrag [ 111.338658][ T6799] BTRFS info (device loop3): turning on sync discard [pid 5066] newfstatat(AT_FDCWD, "./17/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [ 111.365521][ T6814] BTRFS info (device loop0): disk space caching is enabled [ 111.368433][ T6812] BTRFS info (device loop4): max_inline at 0 [ 111.375083][ T6816] BTRFS info (device loop2): enabling disk space caching [ 111.386813][ T6799] BTRFS info (device loop3): disk space caching is enabled [ 111.405054][ T6812] BTRFS info (device loop4): force clearing of disk cache [pid 5066] rmdir("./17/bus") = 0 [pid 5066] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6819] <... write resumed>) = 16777216 [pid 6819] munmap(0x7f716ab16000, 138412032 [pid 5066] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./17/binderfs") = 0 [pid 6819] <... munmap resumed>) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./17") = 0 [pid 5066] mkdir("./18", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6844 ./strace-static-x86_64: Process 6844 attached [pid 6844] set_robust_list(0x555556d0c660, 24 [pid 6819] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6844] <... set_robust_list resumed>) = 0 [pid 6844] chdir("./18" [pid 6819] <... openat resumed>) = 4 [pid 6844] <... chdir resumed>) = 0 [pid 6819] ioctl(4, LOOP_SET_FD, 3 [pid 6844] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 111.405709][ T6816] BTRFS info (device loop2): max_inline at 0 [ 111.420837][ T6816] BTRFS info (device loop2): force clearing of disk cache [ 111.430378][ T6816] BTRFS info (device loop2): turning on sync discard [ 111.435162][ T6812] BTRFS info (device loop4): turning on sync discard [ 111.438972][ T6816] BTRFS info (device loop2): disk space caching is enabled [ 111.452349][ T6812] BTRFS info (device loop4): disk space caching is enabled [pid 6844] setpgid(0, 0) = 0 [pid 6844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6844] write(3, "1000", 4) = 4 [pid 6844] close(3) = 0 [pid 6844] symlink("/dev/binderfs", "./binderfs" [pid 6819] <... ioctl resumed>) = 0 [pid 6819] close(3 [pid 6844] <... symlink resumed>) = 0 [pid 6819] <... close resumed>) = 0 [pid 6819] mkdir("./bus", 0777 [pid 6844] memfd_create("syzkaller", 0) = 3 [pid 6819] <... mkdir resumed>) = 0 [pid 6844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 111.468368][ T6819] loop5: detected capacity change from 0 to 32768 [ 111.491298][ T6819] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6819) [ 111.565929][ T6819] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 111.570631][ T6812] BTRFS info (device loop4): enabling ssd optimizations [ 111.583412][ T6819] BTRFS info (device loop5): enabling auto defrag [ 111.595409][ T6819] BTRFS info (device loop5): enabling disk space caching [ 111.604415][ T6819] BTRFS info (device loop5): max_inline at 0 [ 111.605521][ T6816] BTRFS info (device loop2): enabling ssd optimizations [ 111.610578][ T6799] BTRFS info (device loop3): enabling ssd optimizations [ 111.625472][ T6812] BTRFS info (device loop4): rebuilding free space tree [ 111.630901][ T6799] BTRFS info (device loop3): rebuilding free space tree [ 111.634157][ T6819] BTRFS info (device loop5): force clearing of disk cache [ 111.641327][ T6814] BTRFS info (device loop0): enabling ssd optimizations [ 111.646733][ T6819] BTRFS info (device loop5): turning on sync discard [ 111.661217][ T6816] BTRFS info (device loop2): rebuilding free space tree [ 111.672462][ T6819] BTRFS info (device loop5): disk space caching is enabled [ 111.684703][ T6812] BTRFS info (device loop4): disabling free space tree [ 111.692311][ T6812] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 111.692943][ T6799] BTRFS info (device loop3): disabling free space tree [ 111.702973][ T6812] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 111.713191][ T6816] BTRFS info (device loop2): disabling free space tree [ 111.730330][ T6814] BTRFS info (device loop0): rebuilding free space tree [ 111.738593][ T6799] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6819] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6844] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6812] <... mount resumed>) = 0 [pid 6812] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6812] chdir("./bus") = 0 [pid 6812] ioctl(4, LOOP_CLR_FD) = 0 [pid 6812] close(4) = 0 [pid 6812] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6812] pwrite64(4, "2", 1, 55022) = 1 [pid 6812] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [ 111.758150][ T6816] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 111.769062][ T6814] BTRFS info (device loop0): disabling free space tree [ 111.782949][ T6799] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 111.787233][ T6816] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 111.802028][ T6814] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6812] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6799] <... mount resumed>) = 0 [pid 6812] <... write resumed>) = 65191 [pid 6812] ftruncate(5, 43006 [pid 6799] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6812] <... ftruncate resumed>) = 0 [pid 6812] exit_group(0) = ? [pid 6816] <... mount resumed>) = 0 [pid 6816] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6816] chdir("./bus") = 0 [pid 6816] ioctl(4, LOOP_CLR_FD) = 0 [pid 6816] close(4) = 0 [pid 6816] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6812] +++ exited with 0 +++ [pid 6799] chdir("./bus" [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6812, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=40 /* 0.40 s */} --- [pid 6799] <... chdir resumed>) = 0 [pid 6799] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6799] close(4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6816] <... open resumed>) = 4 [pid 6799] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6799] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] <... openat resumed>) = 3 [pid 6816] pwrite64(4, "2", 1, 55022 [pid 6799] <... open resumed>) = 4 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 111.844117][ T6814] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5069] getdents64(3, [pid 6816] <... pwrite64 resumed>) = 1 [pid 6799] pwrite64(4, "2", 1, 55022 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6816] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5069] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6816] <... openat resumed>) = 5 [pid 6816] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6816] ftruncate(5, 43006 [pid 6799] <... pwrite64 resumed>) = 1 [pid 6814] <... mount resumed>) = 0 [pid 6799] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6814] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6799] <... openat resumed>) = 5 [pid 6814] <... openat resumed>) = 3 [pid 6799] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6814] chdir("./bus" [pid 6799] <... write resumed>) = 65191 [pid 6814] <... chdir resumed>) = 0 [pid 6799] ftruncate(5, 43006 [pid 6814] ioctl(4, LOOP_CLR_FD [pid 6816] <... ftruncate resumed>) = 0 [pid 6814] <... ioctl resumed>) = 0 [pid 6799] <... ftruncate resumed>) = 0 [pid 6816] exit_group(0 [pid 6814] close(4 [pid 6799] exit_group(0 [pid 6816] <... exit_group resumed>) = ? [pid 6814] <... close resumed>) = 0 [pid 6799] <... exit_group resumed>) = ? [pid 6816] +++ exited with 0 +++ [pid 6814] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6799] +++ exited with 0 +++ [ 111.933511][ T6819] BTRFS info (device loop5): enabling ssd optimizations [pid 6814] <... open resumed>) = 4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6799, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6816, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 6814] pwrite64(4, "2", 1, 55022 [pid 5067] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] newfstatat(3, "", [pid 5068] <... openat resumed>) = 3 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] newfstatat(3, "", [pid 5067] getdents64(3, [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6814] <... pwrite64 resumed>) = 1 [pid 6814] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6814] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 111.994237][ T6819] BTRFS info (device loop5): rebuilding free space tree [pid 6814] ftruncate(5, 43006) = 0 [pid 6814] exit_group(0) = ? [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6844] <... write resumed>) = 16777216 [pid 6814] +++ exited with 0 +++ [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6814, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=37 /* 0.37 s */} --- [pid 5065] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(AT_FDCWD, "./17/bus", [pid 6844] munmap(0x7f716ab16000, 138412032 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6844] <... munmap resumed>) = 0 [ 112.089802][ T6819] BTRFS info (device loop5): disabling free space tree [pid 5069] newfstatat(4, "", [pid 6844] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6844] <... openat resumed>) = 4 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 6844] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./17/bus" [pid 5067] <... umount2 resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 6844] <... ioctl resumed>) = 0 [pid 6844] close(3 [pid 5069] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6844] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5067] newfstatat(AT_FDCWD, "./17/bus", [ 112.138059][ T6819] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 112.167924][ T6844] loop1: detected capacity change from 0 to 32768 [pid 6844] mkdir("./bus", 0777) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6844] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] unlink("./17/binderfs" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... unlink resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5067] newfstatat(4, "", [pid 5069] getdents64(3, [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] getdents64(4, [pid 5069] close(3) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] rmdir("./17") = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5067] getdents64(4, [pid 5069] mkdir("./18", 0777 [pid 5068] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] close(4 [pid 5069] <... mkdir resumed>) = 0 [ 112.211681][ T6819] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 112.230932][ T6844] BTRFS: device /dev/loop1 using temp-fsid c70d997e-f06d-4022-bad3-447377a3749d [ 112.239998][ T6844] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6844) [pid 5067] <... close resumed>) = 0 [pid 5068] newfstatat(AT_FDCWD, "./16/bus", [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] rmdir("./17/bus") = 0 [pid 5068] umount2("./16/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... openat resumed>) = 4 [pid 5067] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] newfstatat(4, "", [pid 5067] unlink("./17/binderfs" [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... unlink resumed>) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(3, [pid 5068] getdents64(4, [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5067] close(3 [pid 5068] <... close resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5069] <... ioctl resumed>) = 0 [pid 5068] rmdir("./16/bus" [pid 5067] rmdir("./17" [pid 6819] <... mount resumed>) = 0 [pid 6819] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6819] chdir("./bus" [pid 5067] <... rmdir resumed>) = 0 [pid 6819] <... chdir resumed>) = 0 [pid 6819] ioctl(4, LOOP_CLR_FD) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] mkdir("./18", 0777 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6915 attached [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] newfstatat(AT_FDCWD, "./16/binderfs", [pid 6819] close(4) = 0 [pid 5067] <... openat resumed>) = 3 [pid 6819] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6915] set_robust_list(0x555556d0c660, 24 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 6915 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5068] unlink("./16/binderfs" [pid 6819] pwrite64(4, "2", 1, 55022 [pid 6915] <... set_robust_list resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 5068] getdents64(3, [pid 5067] close(3 [pid 6915] chdir("./18" [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] <... close resumed>) = 0 [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(3 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6915] <... chdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./17/bus", ./strace-static-x86_64: Process 6916 attached [pid 6915] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] rmdir("./16" [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6916] set_robust_list(0x555556d0c660, 24 [pid 6915] <... prctl resumed>) = 0 [pid 5065] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... rmdir resumed>) = 0 [pid 6916] <... set_robust_list resumed>) = 0 [pid 6915] setpgid(0, 0 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 6916 [pid 5065] <... openat resumed>) = 4 [pid 6916] chdir("./18" [pid 6915] <... setpgid resumed>) = 0 [pid 5065] newfstatat(4, "", [pid 6916] <... chdir resumed>) = 0 [pid 6915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] mkdir("./17", 0777 [pid 6915] <... openat resumed>) = 3 [pid 5068] <... mkdir resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6916] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6915] write(3, "1000", 4 [pid 6916] <... prctl resumed>) = 0 [pid 6915] <... write resumed>) = 4 [pid 6916] setpgid(0, 0 [pid 6915] close(3 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] getdents64(4, [pid 6916] <... setpgid resumed>) = 0 [pid 6915] <... close resumed>) = 0 [pid 6916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6915] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5065] getdents64(4, [pid 5068] <... ioctl resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5065] close(4 [pid 5068] <... close resumed>) = 0 [pid 5065] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] rmdir("./17/bus") = 0 [pid 6915] <... symlink resumed>) = 0 [pid 5065] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6917 attached [pid 6916] <... openat resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6819] <... pwrite64 resumed>) = 1 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 6917 [pid 5065] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6916] write(3, "1000", 4 [pid 5065] unlink("./17/binderfs" [pid 6917] set_robust_list(0x555556d0c660, 24 [pid 6916] <... write resumed>) = 4 [pid 6819] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5065] <... unlink resumed>) = 0 [pid 6916] close(3 [pid 6917] <... set_robust_list resumed>) = 0 [pid 6916] <... close resumed>) = 0 [pid 6915] memfd_create("syzkaller", 0 [pid 6819] <... openat resumed>) = 5 [pid 5065] getdents64(3, [pid 6917] chdir("./17" [pid 6916] symlink("/dev/binderfs", "./binderfs" [pid 6915] <... memfd_create resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6917] <... chdir resumed>) = 0 [pid 6819] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5065] close(3 [pid 6917] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6916] <... symlink resumed>) = 0 [pid 6915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./17" [pid 6917] <... prctl resumed>) = 0 [pid 6916] memfd_create("syzkaller", 0 [pid 6915] <... mmap resumed>) = 0x7f716ab16000 [pid 5065] <... rmdir resumed>) = 0 [pid 6917] setpgid(0, 0 [pid 6819] <... write resumed>) = 65191 [pid 5065] mkdir("./18", 0777) = 0 [pid 6917] <... setpgid resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 112.401646][ T6844] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 6819] ftruncate(5, 43006 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 6917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6916] <... memfd_create resumed>) = 3 [pid 5065] <... ioctl resumed>) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6918 attached , child_tidptr=0x555556d0c650) = 6918 [pid 6918] set_robust_list(0x555556d0c660, 24) = 0 [pid 6918] chdir("./18") = 0 [pid 6918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6918] setpgid(0, 0) = 0 [pid 6918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6918] write(3, "1000", 4) = 4 [pid 6918] close(3) = 0 [pid 6918] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6918] memfd_create("syzkaller", 0) = 3 [pid 6918] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6917] <... openat resumed>) = 3 [pid 6916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6819] <... ftruncate resumed>) = 0 [pid 6917] write(3, "1000", 4 [pid 6916] <... mmap resumed>) = 0x7f716ab16000 [pid 6819] exit_group(0 [pid 6917] <... write resumed>) = 4 [pid 6819] <... exit_group resumed>) = ? [pid 6819] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6819, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=32 /* 0.32 s */} --- [pid 5070] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 112.451350][ T6844] BTRFS info (device loop1): enabling auto defrag [ 112.491043][ T6844] BTRFS info (device loop1): enabling disk space caching [pid 6917] close(3) = 0 [pid 6917] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6917] memfd_create("syzkaller", 0) = 3 [ 112.498162][ T6844] BTRFS info (device loop1): max_inline at 0 [pid 6917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 112.561145][ T6844] BTRFS info (device loop1): force clearing of disk cache [ 112.568583][ T6844] BTRFS info (device loop1): turning on sync discard [ 112.613815][ T6844] BTRFS info (device loop1): disk space caching is enabled [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./17/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6918] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6917] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] close(4) = 0 [ 112.920145][ T6844] BTRFS info (device loop1): enabling ssd optimizations [pid 5070] rmdir("./17/bus") = 0 [pid 5070] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./17/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./17") = 0 [ 113.001076][ T6844] BTRFS info (device loop1): rebuilding free space tree [pid 5070] mkdir("./18", 0777 [pid 6916] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6915] <... write resumed>) = 16777216 [pid 5070] <... mkdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6935 ./strace-static-x86_64: Process 6935 attached [pid 6935] set_robust_list(0x555556d0c660, 24 [pid 6915] munmap(0x7f716ab16000, 138412032 [pid 6935] <... set_robust_list resumed>) = 0 [pid 6935] chdir("./18") = 0 [pid 6935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6935] setpgid(0, 0) = 0 [pid 6935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6915] <... munmap resumed>) = 0 [pid 6935] write(3, "1000", 4) = 4 [pid 6935] close(3) = 0 [pid 6935] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6935] memfd_create("syzkaller", 0) = 3 [pid 6935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6915] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 113.161146][ T6844] BTRFS info (device loop1): disabling free space tree [ 113.161395][ T6915] loop4: detected capacity change from 0 to 32768 [ 113.190601][ T6844] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 6915] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6915] close(3) = 0 [pid 6915] mkdir("./bus", 0777) = 0 [ 113.250646][ T6844] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 113.293157][ T6915] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (6915) [pid 6915] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6844] <... mount resumed>) = 0 [pid 6844] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6844] chdir("./bus") = 0 [pid 6844] ioctl(4, LOOP_CLR_FD) = 0 [pid 6844] close(4) = 0 [ 113.430759][ T6915] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 113.439349][ T6915] BTRFS info (device loop4): enabling auto defrag [pid 6844] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6844] pwrite64(4, "2", 1, 55022) = 1 [ 113.501680][ T6915] BTRFS info (device loop4): enabling disk space caching [pid 6844] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6844] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6844] ftruncate(5, 43006) = 0 [pid 6844] exit_group(0) = ? [ 113.555490][ T6915] BTRFS info (device loop4): max_inline at 0 [pid 6844] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6844, si_uid=0, si_status=0, si_utime=0, si_stime=30 /* 0.30 s */} --- [pid 5066] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 113.600598][ T6915] BTRFS info (device loop4): force clearing of disk cache [ 113.607830][ T6915] BTRFS info (device loop4): turning on sync discard [pid 5066] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6935] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6918] <... write resumed>) = 16777216 [ 113.650671][ T6915] BTRFS info (device loop4): disk space caching is enabled [pid 6918] munmap(0x7f716ab16000, 138412032) = 0 [pid 6917] <... write resumed>) = 16777216 [pid 6918] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6917] munmap(0x7f716ab16000, 138412032 [pid 6918] <... openat resumed>) = 4 [pid 6918] ioctl(4, LOOP_SET_FD, 3 [pid 6917] <... munmap resumed>) = 0 [ 113.722419][ T6918] loop0: detected capacity change from 0 to 32768 [pid 6918] <... ioctl resumed>) = 0 [pid 6918] close(3) = 0 [pid 6917] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6917] ioctl(4, LOOP_SET_FD, 3 [pid 6918] mkdir("./bus", 0777 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./18/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6918] <... mkdir resumed>) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4 [pid 6918] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./18/bus") = 0 [pid 5066] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6917] <... ioctl resumed>) = 0 [pid 6916] <... write resumed>) = 16777216 [pid 5066] newfstatat(AT_FDCWD, "./18/binderfs", [pid 6917] close(3 [pid 5066] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6917] <... close resumed>) = 0 [pid 5066] unlink("./18/binderfs" [pid 6917] mkdir("./bus", 0777) = 0 [ 113.772942][ T6917] loop3: detected capacity change from 0 to 32768 [pid 5066] <... unlink resumed>) = 0 [pid 6917] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6916] munmap(0x7f716ab16000, 138412032 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./18") = 0 [pid 5066] mkdir("./19", 0777 [pid 6916] <... munmap resumed>) = 0 [pid 5066] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 6953 ./strace-static-x86_64: Process 6953 attached [pid 6953] set_robust_list(0x555556d0c660, 24) = 0 [pid 6953] chdir("./19") = 0 [pid 6953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6953] setpgid(0, 0) = 0 [pid 6953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 113.819260][ T6918] BTRFS: device /dev/loop0 using temp-fsid 9eba2675-5024-4ada-a635-bb038bab1eef [ 113.831848][ T6915] BTRFS info (device loop4): enabling ssd optimizations [pid 6953] write(3, "1000", 4) = 4 [pid 6916] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6953] close(3 [pid 6916] <... openat resumed>) = 4 [pid 6916] ioctl(4, LOOP_SET_FD, 3 [pid 6953] <... close resumed>) = 0 [pid 6953] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6953] memfd_create("syzkaller", 0) = 3 [pid 6953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6916] <... ioctl resumed>) = 0 [pid 6916] close(3) = 0 [pid 6916] mkdir("./bus", 0777) = 0 [ 113.883966][ T6916] loop2: detected capacity change from 0 to 32768 [ 113.892401][ T6918] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (6918) [ 113.907796][ T6915] BTRFS info (device loop4): rebuilding free space tree [ 113.935530][ T6917] BTRFS: device /dev/loop3 using temp-fsid e9b3574b-73cd-45d3-b93f-72743255b03e [ 113.963711][ T6918] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 113.971500][ T6915] BTRFS info (device loop4): disabling free space tree [pid 6916] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6935] <... write resumed>) = 16777216 [pid 6935] munmap(0x7f716ab16000, 138412032) = 0 [pid 6935] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 113.973178][ T6917] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (6917) [ 113.979039][ T6915] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 114.000835][ T6918] BTRFS info (device loop0): enabling auto defrag [ 114.021325][ T6918] BTRFS info (device loop0): enabling disk space caching [ 114.028419][ T6918] BTRFS info (device loop0): max_inline at 0 [ 114.057625][ T6918] BTRFS info (device loop0): force clearing of disk cache [ 114.067944][ T6916] BTRFS: device /dev/loop2 using temp-fsid ba6ace19-a34e-401b-8afa-4a5e922d9bd2 [ 114.077703][ T6917] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 114.080780][ T6915] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 114.091316][ T6916] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (6916) [ 114.096523][ T6935] loop5: detected capacity change from 0 to 32768 [ 114.110898][ T6917] BTRFS info (device loop3): enabling auto defrag [ 114.125582][ T6918] BTRFS info (device loop0): turning on sync discard [ 114.134305][ T6918] BTRFS info (device loop0): disk space caching is enabled [ 114.143140][ T6917] BTRFS info (device loop3): enabling disk space caching [pid 6935] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6935] close(3) = 0 [pid 6935] mkdir("./bus", 0777) = 0 [pid 6935] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6915] <... mount resumed>) = 0 [pid 6915] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6915] chdir("./bus") = 0 [pid 6915] ioctl(4, LOOP_CLR_FD) = 0 [pid 6915] close(4) = 0 [pid 6915] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6915] pwrite64(4, "2", 1, 55022 [ 114.159287][ T6917] BTRFS info (device loop3): max_inline at 0 [ 114.171759][ T6935] BTRFS: device /dev/loop5 using temp-fsid 234aa404-6a2e-4dc0-bb36-28439a9060cc [ 114.184603][ T6935] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (6935) [pid 6953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6915] <... pwrite64 resumed>) = 1 [pid 6915] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 6915] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6915] ftruncate(5, 43006) = 0 [pid 6915] exit_group(0) = ? [pid 6915] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6915, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=29 /* 0.29 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5069] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 6918] <... mount resumed>) = 0 [pid 5069] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6918] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6918] chdir("./bus") = 0 [pid 5069] newfstatat(AT_FDCWD, "./18/bus", [pid 6918] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6918] close(4 [pid 5069] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6918] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6918] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 6918] <... open resumed>) = 4 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6916] <... mount resumed>) = 0 [pid 5069] close(4 [pid 6918] pwrite64(4, "2", 1, 55022 [pid 6917] <... mount resumed>) = 0 [pid 6916] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./18/bus") = 0 [pid 6917] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6916] <... openat resumed>) = 3 [pid 5069] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6917] <... openat resumed>) = 3 [pid 6916] chdir("./bus" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6917] chdir("./bus" [pid 6916] <... chdir resumed>) = 0 [pid 6917] <... chdir resumed>) = 0 [pid 6916] ioctl(4, LOOP_CLR_FD [pid 5069] newfstatat(AT_FDCWD, "./18/binderfs", [pid 6917] ioctl(4, LOOP_CLR_FD [pid 6916] <... ioctl resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6917] <... ioctl resumed>) = 0 [pid 6916] close(4 [pid 5069] unlink("./18/binderfs" [pid 6917] close(4 [pid 6916] <... close resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 6917] <... close resumed>) = 0 [pid 6916] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5069] getdents64(3, [pid 6918] <... pwrite64 resumed>) = 1 [pid 6917] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 6916] <... open resumed>) = 4 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6918] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6917] <... open resumed>) = 4 [pid 5069] close(3 [pid 6918] <... openat resumed>) = 5 [pid 6917] pwrite64(4, "2", 1, 55022 [pid 6916] pwrite64(4, "2", 1, 55022 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./18" [pid 6918] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5069] <... rmdir resumed>) = 0 [pid 6918] ftruncate(5, 43006 [pid 5069] mkdir("./19", 0777) = 0 [pid 6918] <... ftruncate resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6917] <... pwrite64 resumed>) = 1 [pid 5069] close(3 [pid 6917] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5069] <... close resumed>) = 0 [pid 6918] exit_group(0 [pid 6917] <... openat resumed>) = 5 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6918] <... exit_group resumed>) = ? [pid 6916] <... pwrite64 resumed>) = 1 [pid 6918] +++ exited with 0 +++ [pid 6916] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 7015 attached ) = 5 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6918, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=37 /* 0.37 s */} --- [pid 7015] set_robust_list(0x555556d0c660, 24 [pid 6917] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 6916] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 7015 [pid 7015] <... set_robust_list resumed>) = 0 [pid 6917] <... write resumed>) = 65191 [pid 6916] <... write resumed>) = 65191 [pid 7015] chdir("./19" [pid 5065] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7015] <... chdir resumed>) = 0 [pid 6917] ftruncate(5, 43006 [pid 6916] ftruncate(5, 43006 [pid 7015] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6917] <... ftruncate resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7015] <... prctl resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7015] setpgid(0, 0 [pid 6953] <... write resumed>) = 16777216 [pid 6917] exit_group(0 [pid 6916] <... ftruncate resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 6917] <... exit_group resumed>) = ? [pid 6916] exit_group(0 [pid 6917] +++ exited with 0 +++ [pid 6916] <... exit_group resumed>) = ? [pid 5065] newfstatat(3, "", [pid 7015] <... setpgid resumed>) = 0 [pid 6953] munmap(0x7f716ab16000, 138412032 [pid 6916] +++ exited with 0 +++ [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7015] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6917, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=33 /* 0.33 s */} --- [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6916, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5068] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(3, [pid 7015] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7015] write(3, "1000", 4 [pid 5068] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7015] <... write resumed>) = 4 [pid 6953] <... munmap resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 7015] close(3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7015] <... close resumed>) = 0 [pid 5067] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7015] symlink("/dev/binderfs", "./binderfs" [pid 5068] getdents64(3, [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7015] <... symlink resumed>) = 0 [pid 6935] <... mount resumed>) = 0 [pid 6935] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5067] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7015] memfd_create("syzkaller", 0 [pid 6935] <... openat resumed>) = 3 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] <... openat resumed>) = 3 [pid 6935] chdir("./bus" [pid 5067] newfstatat(3, "", [pid 7015] <... memfd_create resumed>) = 3 [pid 6935] <... chdir resumed>) = 0 [pid 5068] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7015] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6953] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6935] ioctl(4, LOOP_CLR_FD [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7015] <... mmap resumed>) = 0x7f716ab16000 [pid 6953] <... openat resumed>) = 4 [pid 6935] <... ioctl resumed>) = 0 [pid 5067] getdents64(3, [pid 6935] close(4 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 6953] ioctl(4, LOOP_SET_FD, 3 [pid 6935] <... close resumed>) = 0 [pid 6935] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 6935] pwrite64(4, "2", 1, 55022 [pid 5067] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6953] <... ioctl resumed>) = 0 [pid 6953] close(3) = 0 [pid 6953] mkdir("./bus", 0777 [pid 6935] <... pwrite64 resumed>) = 1 [pid 6953] <... mkdir resumed>) = 0 [ 114.607210][ T6953] loop1: detected capacity change from 0 to 32768 [pid 6935] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 6953] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 6935] <... openat resumed>) = 5 [pid 6935] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 6935] ftruncate(5, 43006) = 0 [pid 6935] exit_group(0) = ? [pid 6935] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6935, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=26 /* 0.26 s */} --- [pid 5070] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 114.650756][ T6953] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (6953) [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./18/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./18/bus") = 0 [pid 5065] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./18/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./18") = 0 [pid 5065] mkdir("./19", 0777) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7035 attached [pid 5068] <... umount2 resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 7035 [pid 7035] set_robust_list(0x555556d0c660, 24) = 0 [pid 7035] chdir("./19") = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5067] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7035] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7035] setpgid(0, 0) = 0 [pid 7035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./18/bus", [pid 7035] write(3, "1000", 4) = 4 [pid 7035] close(3) = 0 [pid 5070] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7035] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./17/bus", [pid 5067] openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7035] <... symlink resumed>) = 0 [pid 6953] <... mount resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./18/bus", [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5067] newfstatat(4, "", [pid 5068] umount2("./17/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6953] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5070] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7035] memfd_create("syzkaller", 0 [pid 6953] <... openat resumed>) = 3 [pid 5070] openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 4 [pid 5067] getdents64(4, [pid 7035] <... memfd_create resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7035] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 6953] chdir("./bus" [pid 5070] <... openat resumed>) = 4 [pid 5068] newfstatat(4, "", [pid 5067] getdents64(4, [pid 5070] newfstatat(4, "", [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6953] <... chdir resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 6953] ioctl(4, LOOP_CLR_FD [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, [pid 5067] close(4 [pid 6953] <... ioctl resumed>) = 0 [pid 5070] getdents64(4, [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] <... close resumed>) = 0 [pid 6953] close(4 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] rmdir("./18/bus" [pid 5068] getdents64(4, [pid 6953] <... close resumed>) = 0 [pid 6953] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] getdents64(4, [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 6953] <... open resumed>) = 4 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5067] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6953] pwrite64(4, "2", 1, 55022 [pid 5068] <... close resumed>) = 0 [pid 5070] close(4 [pid 5068] rmdir("./17/bus" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... close resumed>) = 0 [pid 5067] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5070] rmdir("./18/bus") = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./18/binderfs" [pid 6953] <... pwrite64 resumed>) = 1 [pid 5070] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... unlink resumed>) = 0 [pid 6953] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] getdents64(3, [pid 5068] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7015] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 6953] <... openat resumed>) = 5 [pid 5070] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] close(3) = 0 [pid 5068] unlink("./17/binderfs" [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] rmdir("./18" [pid 6953] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] unlink("./18/binderfs" [pid 5068] <... unlink resumed>) = 0 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] mkdir("./19", 0777 [pid 5070] <... unlink resumed>) = 0 [pid 5068] getdents64(3, [pid 5067] <... mkdir resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6953] <... write resumed>) = 65191 [pid 5070] getdents64(3, [pid 5068] close(3 [pid 5067] <... openat resumed>) = 3 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 6953] ftruncate(5, 43006 [pid 5070] close(3 [pid 5068] <... close resumed>) = 0 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5068] rmdir("./17" [pid 5070] <... close resumed>) = 0 [pid 5070] rmdir("./18") = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 5070] mkdir("./19", 0777 [pid 5068] <... rmdir resumed>) = 0 [pid 5067] close(3 [pid 6953] <... ftruncate resumed>) = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 6953] exit_group(0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] mkdir("./18", 0777 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... mkdir resumed>) = 0 [pid 6953] <... exit_group resumed>) = ? [pid 5070] <... openat resumed>) = 3 ./strace-static-x86_64: Process 7036 attached [pid 7036] set_robust_list(0x555556d0c660, 24) = 0 [pid 7036] chdir("./19" [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 7036 [pid 5070] close(3 [pid 5068] <... openat resumed>) = 3 [pid 6953] +++ exited with 0 +++ [pid 5070] <... close resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6953, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5068] <... ioctl resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7036] <... chdir resumed>) = 0 [pid 7036] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 7037 attached ) = 0 [pid 5068] close(3 [pid 7037] set_robust_list(0x555556d0c660, 24 [pid 7036] setpgid(0, 0) = 0 [pid 7036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7036] write(3, "1000", 4) = 4 [pid 7036] close(3) = 0 [pid 7036] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7036] memfd_create("syzkaller", 0 [pid 5068] <... close resumed>) = 0 [pid 7037] <... set_robust_list resumed>) = 0 [pid 7036] <... memfd_create resumed>) = 3 [pid 7036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7037] chdir("./19" [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 7037 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 7038 attached [pid 7037] <... chdir resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7038] set_robust_list(0x555556d0c660, 24 [pid 5066] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7037] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7038 [pid 7037] <... prctl resumed>) = 0 [pid 7038] <... set_robust_list resumed>) = 0 [pid 7037] setpgid(0, 0 [pid 5066] <... openat resumed>) = 3 [pid 7037] <... setpgid resumed>) = 0 [pid 5066] newfstatat(3, "", [pid 7038] chdir("./18" [pid 7037] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7038] <... chdir resumed>) = 0 [pid 5066] getdents64(3, [pid 7038] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7037] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7038] <... prctl resumed>) = 0 [pid 7038] setpgid(0, 0 [pid 7037] write(3, "1000", 4 [pid 5066] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7038] <... setpgid resumed>) = 0 [pid 7037] <... write resumed>) = 4 [pid 7037] close(3 [pid 7038] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7037] <... close resumed>) = 0 [pid 7037] symlink("/dev/binderfs", "./binderfs" [pid 7038] <... openat resumed>) = 3 [pid 7037] <... symlink resumed>) = 0 [pid 7038] write(3, "1000", 4 [pid 7037] memfd_create("syzkaller", 0 [pid 7038] <... write resumed>) = 4 [pid 7038] close(3 [pid 7037] <... memfd_create resumed>) = 3 [pid 7038] <... close resumed>) = 0 [pid 7037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7038] symlink("/dev/binderfs", "./binderfs" [pid 7037] <... mmap resumed>) = 0x7f716ab16000 [pid 7038] <... symlink resumed>) = 0 [pid 7038] memfd_create("syzkaller", 0) = 3 [pid 7038] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7035] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./19/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./19/bus") = 0 [pid 5066] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./19/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./19") = 0 [pid 5066] mkdir("./20", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7040 ./strace-static-x86_64: Process 7040 attached [pid 7040] set_robust_list(0x555556d0c660, 24) = 0 [pid 7040] chdir("./20") = 0 [pid 7040] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7040] setpgid(0, 0) = 0 [pid 7040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7040] write(3, "1000", 4) = 4 [pid 7040] close(3) = 0 [pid 7040] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7040] memfd_create("syzkaller", 0) = 3 [pid 7040] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7036] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7038] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7037] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7015] <... write resumed>) = 16777216 [pid 7015] munmap(0x7f716ab16000, 138412032) = 0 [pid 7015] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7015] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7015] close(3) = 0 [ 115.893273][ T7015] loop4: detected capacity change from 0 to 32768 [pid 7015] mkdir("./bus", 0777) = 0 [ 115.977947][ T7015] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7015) [pid 7015] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7035] <... write resumed>) = 16777216 [pid 7035] munmap(0x7f716ab16000, 138412032) = 0 [ 116.044402][ T7015] _btrfs_printk: 49 callbacks suppressed [ 116.044415][ T7015] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 116.081866][ T7015] BTRFS info (device loop4): enabling auto defrag [pid 7035] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 116.116290][ T7015] BTRFS info (device loop4): enabling disk space caching [ 116.127935][ T7035] loop0: detected capacity change from 0 to 32768 [pid 7035] ioctl(4, LOOP_SET_FD, 3 [pid 7040] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7035] <... ioctl resumed>) = 0 [pid 7035] close(3) = 0 [pid 7035] mkdir("./bus", 0777) = 0 [ 116.157985][ T7015] BTRFS info (device loop4): max_inline at 0 [ 116.175918][ T7035] BTRFS: device /dev/loop0 using temp-fsid b3ec10c1-3832-4367-a623-a13438c0e00b [ 116.197694][ T7015] BTRFS info (device loop4): force clearing of disk cache [ 116.232010][ T7015] BTRFS info (device loop4): turning on sync discard [ 116.238760][ T7015] BTRFS info (device loop4): disk space caching is enabled [ 116.240646][ T7035] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7035) [pid 7035] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7038] <... write resumed>) = 16777216 [pid 7037] <... write resumed>) = 16777216 [pid 7038] munmap(0x7f716ab16000, 138412032 [pid 7037] munmap(0x7f716ab16000, 138412032) = 0 [pid 7038] <... munmap resumed>) = 0 [pid 7037] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 116.352176][ T7035] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 116.380640][ T7035] BTRFS info (device loop0): enabling auto defrag [ 116.387183][ T7035] BTRFS info (device loop0): enabling disk space caching [pid 7038] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7037] ioctl(4, LOOP_SET_FD, 3 [pid 7038] ioctl(4, LOOP_SET_FD, 3 [pid 7036] <... write resumed>) = 16777216 [pid 7037] <... ioctl resumed>) = 0 [pid 7036] munmap(0x7f716ab16000, 138412032 [pid 7037] close(3) = 0 [pid 7037] mkdir("./bus", 0777 [pid 7038] <... ioctl resumed>) = 0 [pid 7037] <... mkdir resumed>) = 0 [pid 7038] close(3 [ 116.415025][ T7037] loop5: detected capacity change from 0 to 32768 [ 116.424049][ T7035] BTRFS info (device loop0): max_inline at 0 [ 116.430822][ T7038] loop3: detected capacity change from 0 to 32768 [ 116.437726][ T7035] BTRFS info (device loop0): force clearing of disk cache [ 116.446985][ T7035] BTRFS info (device loop0): turning on sync discard [ 116.454809][ T7035] BTRFS info (device loop0): disk space caching is enabled [pid 7037] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7036] <... munmap resumed>) = 0 [pid 7038] <... close resumed>) = 0 [pid 7036] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7038] mkdir("./bus", 0777 [pid 7036] <... openat resumed>) = 4 [pid 7038] <... mkdir resumed>) = 0 [pid 7036] ioctl(4, LOOP_SET_FD, 3 [pid 7038] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7036] <... ioctl resumed>) = 0 [pid 7036] close(3) = 0 [pid 7036] mkdir("./bus", 0777) = 0 [ 116.457301][ T7037] BTRFS: device /dev/loop5 using temp-fsid 52f018f2-5c6a-48b8-8471-313c70e1cab2 [ 116.471833][ T7037] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7037) [ 116.479654][ T7036] loop2: detected capacity change from 0 to 32768 [ 116.497710][ T7015] BTRFS info (device loop4): enabling ssd optimizations [pid 7036] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7040] <... write resumed>) = 16777216 [ 116.520347][ T7038] BTRFS: device /dev/loop3 using temp-fsid 5be0efb6-eeeb-462a-b021-b822dbf3baae [ 116.530072][ T7015] BTRFS info (device loop4): rebuilding free space tree [ 116.544344][ T7038] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7038) [ 116.560228][ T7037] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [pid 7040] munmap(0x7f716ab16000, 138412032) = 0 [ 116.564074][ T7015] BTRFS info (device loop4): disabling free space tree [ 116.569492][ T7037] BTRFS info (device loop5): enabling auto defrag [ 116.578125][ T7036] BTRFS: device /dev/loop2 using temp-fsid 22a605ea-bc56-4108-bdef-02798927a9b7 [ 116.590204][ T7015] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 116.591973][ T7038] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 116.602340][ T7037] BTRFS info (device loop5): enabling disk space caching [pid 7040] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7040] ioctl(4, LOOP_SET_FD, 3) = 0 [ 116.610951][ T7038] BTRFS info (device loop3): enabling auto defrag [ 116.618042][ T7015] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 116.623938][ T7038] BTRFS info (device loop3): enabling disk space caching [ 116.634467][ T7036] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7036) [ 116.641354][ T7040] loop1: detected capacity change from 0 to 32768 [ 116.660015][ T7037] BTRFS info (device loop5): max_inline at 0 [pid 7040] close(3) = 0 [pid 7040] mkdir("./bus", 0777) = 0 [ 116.661356][ T7038] BTRFS info (device loop3): max_inline at 0 [ 116.677092][ T7037] BTRFS info (device loop5): force clearing of disk cache [ 116.684498][ T7037] BTRFS info (device loop5): turning on sync discard [ 116.691573][ T7037] BTRFS info (device loop5): disk space caching is enabled [ 116.692969][ T7038] BTRFS info (device loop3): force clearing of disk cache [ 116.701390][ T7040] BTRFS: device /dev/loop1 using temp-fsid 02b55eef-8f75-4ec1-817f-9b35bdb34cf7 [ 116.712567][ T7038] BTRFS info (device loop3): turning on sync discard [ 116.716241][ T7036] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 116.729326][ T7038] BTRFS info (device loop3): disk space caching is enabled [ 116.732174][ T7036] BTRFS info (device loop2): enabling auto defrag [ 116.744502][ T7040] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7040) [ 116.748832][ T7036] BTRFS info (device loop2): enabling disk space caching [ 116.764701][ T7036] BTRFS info (device loop2): max_inline at 0 [pid 7040] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7015] <... mount resumed>) = 0 [pid 7015] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7015] chdir("./bus") = 0 [pid 7015] ioctl(4, LOOP_CLR_FD) = 0 [pid 7015] close(4) = 0 [pid 7015] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 116.770790][ T7036] BTRFS info (device loop2): force clearing of disk cache [ 116.774494][ T7040] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 116.780829][ T7036] BTRFS info (device loop2): turning on sync discard [ 116.793674][ T7036] BTRFS info (device loop2): disk space caching is enabled [ 116.802903][ T7035] BTRFS info (device loop0): enabling ssd optimizations [pid 7015] pwrite64(4, "2", 1, 55022) = 1 [pid 7015] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7015] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7015] ftruncate(5, 43006) = 0 [ 116.819410][ T7035] BTRFS info (device loop0): rebuilding free space tree [ 116.825503][ T7040] BTRFS info (device loop1): enabling auto defrag [ 116.860467][ T7040] BTRFS info (device loop1): enabling disk space caching [pid 7015] exit_group(0) = ? [pid 7015] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7015, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=39 /* 0.39 s */} --- [pid 5069] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 116.877050][ T7035] BTRFS info (device loop0): disabling free space tree [ 116.909662][ T7037] BTRFS info (device loop5): enabling ssd optimizations [ 116.917518][ T7040] BTRFS info (device loop1): max_inline at 0 [ 116.924310][ T7038] BTRFS info (device loop3): enabling ssd optimizations [ 116.932616][ T7035] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 116.956224][ T7040] BTRFS info (device loop1): force clearing of disk cache [ 116.970813][ T7037] BTRFS info (device loop5): rebuilding free space tree [ 116.979352][ T7038] BTRFS info (device loop3): rebuilding free space tree [ 116.991583][ T7035] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 116.993660][ T7040] BTRFS info (device loop1): turning on sync discard [ 117.008910][ T7040] BTRFS info (device loop1): disk space caching is enabled [ 117.016361][ T7036] BTRFS info (device loop2): enabling ssd optimizations [ 117.025613][ T7036] BTRFS info (device loop2): rebuilding free space tree [ 117.039542][ T7037] BTRFS info (device loop5): disabling free space tree [ 117.047314][ T7037] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 117.068503][ T7036] BTRFS info (device loop2): disabling free space tree [pid 5069] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7035] <... mount resumed>) = 0 [pid 7035] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7035] chdir("./bus") = 0 [pid 7035] ioctl(4, LOOP_CLR_FD) = 0 [ 117.071585][ T7038] BTRFS info (device loop3): disabling free space tree [ 117.076889][ T7036] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 117.085213][ T7037] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 117.098286][ T7038] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 117.110099][ T7036] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 7035] close(4) = 0 [pid 7037] <... mount resumed>) = 0 [pid 7037] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7035] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7037] chdir("./bus") = 0 [pid 7037] ioctl(4, LOOP_CLR_FD) = 0 [pid 7037] close(4) = 0 [pid 7037] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7037] pwrite64(4, "2", 1, 55022 [pid 7035] <... open resumed>) = 4 [pid 7038] <... mount resumed>) = 0 [pid 7037] <... pwrite64 resumed>) = 1 [pid 7038] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7037] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7038] <... openat resumed>) = 3 [pid 7037] <... openat resumed>) = 5 [pid 7038] chdir("./bus" [pid 7037] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7038] <... chdir resumed>) = 0 [pid 7037] <... write resumed>) = 65191 [pid 7038] ioctl(4, LOOP_CLR_FD [pid 7037] ftruncate(5, 43006 [pid 7038] <... ioctl resumed>) = 0 [pid 7038] close(4) = 0 [pid 7035] pwrite64(4, "2", 1, 55022 [pid 7038] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7037] <... ftruncate resumed>) = 0 [pid 7038] <... open resumed>) = 4 [pid 7037] exit_group(0 [pid 7038] pwrite64(4, "2", 1, 55022 [pid 7037] <... exit_group resumed>) = ? [pid 7037] +++ exited with 0 +++ [ 117.128210][ T7038] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7037, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=45 /* 0.45 s */} --- [pid 7038] <... pwrite64 resumed>) = 1 [pid 7036] <... mount resumed>) = 0 [pid 7035] <... pwrite64 resumed>) = 1 [pid 7038] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7036] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7035] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7038] <... openat resumed>) = 5 [pid 7036] <... openat resumed>) = 3 [pid 7036] chdir("./bus" [pid 7035] <... openat resumed>) = 5 [pid 7038] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7036] <... chdir resumed>) = 0 [pid 7035] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7038] <... write resumed>) = 65191 [pid 7036] ioctl(4, LOOP_CLR_FD [pid 7035] <... write resumed>) = 65191 [pid 7036] <... ioctl resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7036] close(4 [pid 5070] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7038] ftruncate(5, 43006 [pid 7036] <... close resumed>) = 0 [pid 7036] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] <... openat resumed>) = 3 [pid 7036] <... open resumed>) = 4 [pid 7036] pwrite64(4, "2", 1, 55022 [pid 7035] ftruncate(5, 43006) = 0 [pid 7038] <... ftruncate resumed>) = 0 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7035] exit_group(0 [pid 5070] getdents64(3, [pid 7035] <... exit_group resumed>) = ? [pid 7038] exit_group(0) = ? [pid 7035] +++ exited with 0 +++ [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7035, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=35 /* 0.35 s */} --- [pid 5065] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7036] <... pwrite64 resumed>) = 1 [pid 7036] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7036] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7038] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7038, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=39 /* 0.39 s */} --- [pid 5068] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7036] <... write resumed>) = 65191 [pid 5068] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 117.265017][ T7040] BTRFS info (device loop1): enabling ssd optimizations [ 117.272691][ T7038] syz-executor383 (7038) used greatest stack depth: 22208 bytes left [pid 7036] ftruncate(5, 43006) = 0 [pid 7036] exit_group(0) = ? [pid 7036] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7036, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=43 /* 0.43 s */} --- [pid 5067] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 117.331410][ T7040] BTRFS info (device loop1): rebuilding free space tree [pid 5067] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./19/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, [pid 5065] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] newfstatat(AT_FDCWD, "./19/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(4, [pid 5065] <... openat resumed>) = 4 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] newfstatat(4, "", [pid 5069] close(4 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... close resumed>) = 0 [pid 5065] getdents64(4, [pid 5069] rmdir("./19/bus" [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] <... rmdir resumed>) = 0 [pid 5065] getdents64(4, [pid 5069] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [ 117.389745][ T7040] BTRFS info (device loop1): disabling free space tree [ 117.413542][ T7040] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 5065] rmdir("./19/bus" [pid 5069] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5065] <... rmdir resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./19/binderfs" [pid 5065] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./19/binderfs") = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./19") = 0 [pid 5069] mkdir("./20", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5065] getdents64(3, [pid 5069] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5065] close(3 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... close resumed>) = 0 [pid 5069] close(3 [pid 5065] rmdir("./19" [pid 5069] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] mkdir("./20", 0777) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7040] <... mount resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7040] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 7136 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 7137 [pid 5070] <... umount2 resumed>) = 0 [ 117.469917][ T7040] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) ./strace-static-x86_64: Process 7137 attached [pid 7040] <... openat resumed>) = 3 [pid 5070] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 7136 attached [pid 7136] set_robust_list(0x555556d0c660, 24) = 0 [pid 7136] chdir("./20" [pid 7040] chdir("./bus" [pid 7137] set_robust_list(0x555556d0c660, 24 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7040] <... chdir resumed>) = 0 [pid 7136] <... chdir resumed>) = 0 [pid 7136] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7040] ioctl(4, LOOP_CLR_FD [pid 5070] newfstatat(AT_FDCWD, "./19/bus", [pid 7137] <... set_robust_list resumed>) = 0 [pid 7040] <... ioctl resumed>) = 0 [pid 7136] <... prctl resumed>) = 0 [pid 7040] close(4 [pid 7137] chdir("./20" [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7137] <... chdir resumed>) = 0 [pid 7136] setpgid(0, 0 [pid 7040] <... close resumed>) = 0 [pid 5070] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 7137] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7136] <... setpgid resumed>) = 0 [pid 7040] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7137] <... prctl resumed>) = 0 [pid 7136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7040] <... open resumed>) = 4 [pid 5070] openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7136] <... openat resumed>) = 3 [pid 7136] write(3, "1000", 4) = 4 [pid 7136] close(3) = 0 [pid 7136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7136] memfd_create("syzkaller", 0) = 3 [pid 7136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7137] setpgid(0, 0 [pid 7040] pwrite64(4, "2", 1, 55022 [pid 5068] newfstatat(AT_FDCWD, "./18/bus", [pid 7137] <... setpgid resumed>) = 0 [pid 5070] newfstatat(4, "", [pid 7137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7137] <... openat resumed>) = 3 [pid 5070] getdents64(4, [pid 5068] umount2("./18/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7137] write(3, "1000", 4 [pid 7040] <... pwrite64 resumed>) = 1 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7137] <... write resumed>) = 4 [pid 7040] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5070] getdents64(4, [pid 5068] openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7137] close(3) = 0 [pid 7040] <... openat resumed>) = 5 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] <... openat resumed>) = 4 [pid 7137] symlink("/dev/binderfs", "./binderfs" [pid 5070] close(4 [pid 5068] newfstatat(4, "", [pid 7137] <... symlink resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7137] memfd_create("syzkaller", 0 [pid 5070] rmdir("./19/bus" [pid 5068] getdents64(4, [pid 7137] <... memfd_create resumed>) = 3 [pid 5070] <... rmdir resumed>) = 0 [pid 7137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7137] <... mmap resumed>) = 0x7f716ab16000 [pid 7040] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(4, [pid 5070] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] close(4 [pid 7040] <... write resumed>) = 65191 [pid 5070] unlink("./19/binderfs" [pid 5068] <... close resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5068] rmdir("./18/bus" [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5070] close(3 [pid 5068] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] rmdir("./19" [pid 5068] newfstatat(AT_FDCWD, "./18/binderfs", [pid 7040] ftruncate(5, 43006 [pid 5070] <... rmdir resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./18/binderfs") = 0 [pid 5068] getdents64(3, [pid 5070] mkdir("./20", 0777 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 7040] <... ftruncate resumed>) = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5068] rmdir("./18" [pid 7040] exit_group(0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] <... rmdir resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5068] mkdir("./19", 0777 [pid 7040] <... exit_group resumed>) = ? [pid 5068] <... mkdir resumed>) = 0 [pid 7040] +++ exited with 0 +++ [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7040, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=37 /* 0.37 s */} --- [pid 5067] <... umount2 resumed>) = 0 [pid 5066] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, [pid 5068] <... openat resumed>) = 3 [pid 5070] <... ioctl resumed>) = 0 [pid 5067] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] <... ioctl resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] close(3 [pid 5067] newfstatat(AT_FDCWD, "./19/bus", [pid 5070] close(3 [pid 5068] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 7138 attached [pid 5070] <... close resumed>) = 0 [pid 5067] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7138 [pid 7138] set_robust_list(0x555556d0c660, 24 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7138] <... set_robust_list resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 7139 [pid 5067] <... openat resumed>) = 4 [pid 7138] chdir("./19") = 0 [pid 5067] newfstatat(4, "", ./strace-static-x86_64: Process 7139 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7139] set_robust_list(0x555556d0c660, 24 [pid 7138] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] getdents64(4, [pid 7138] <... prctl resumed>) = 0 [pid 7139] <... set_robust_list resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7139] chdir("./20" [pid 7138] setpgid(0, 0 [pid 5067] getdents64(4, [pid 7139] <... chdir resumed>) = 0 [pid 7138] <... setpgid resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7139] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] close(4 [pid 7139] <... prctl resumed>) = 0 [pid 7139] setpgid(0, 0 [pid 5067] <... close resumed>) = 0 [pid 7139] <... setpgid resumed>) = 0 [pid 5067] rmdir("./19/bus" [pid 7139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] <... rmdir resumed>) = 0 [pid 7138] <... openat resumed>) = 3 [pid 7139] write(3, "1000", 4 [pid 5067] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7139] <... write resumed>) = 4 [pid 7139] close(3 [pid 7138] write(3, "1000", 4 [pid 5067] newfstatat(AT_FDCWD, "./19/binderfs", [pid 7139] <... close resumed>) = 0 [pid 7138] <... write resumed>) = 4 [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./19/binderfs" [pid 7138] close(3 [pid 7139] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... unlink resumed>) = 0 [pid 7139] <... symlink resumed>) = 0 [pid 7138] <... close resumed>) = 0 [pid 7138] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7139] memfd_create("syzkaller", 0 [pid 7138] memfd_create("syzkaller", 0 [pid 5067] getdents64(3, [pid 7138] <... memfd_create resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] close(3) = 0 [pid 7138] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] rmdir("./19") = 0 [pid 7139] <... memfd_create resumed>) = 3 [pid 5067] mkdir("./20", 0777 [pid 7139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... mkdir resumed>) = 0 [pid 7139] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7141 ./strace-static-x86_64: Process 7141 attached [pid 7141] set_robust_list(0x555556d0c660, 24) = 0 [pid 7141] chdir("./20") = 0 [pid 7141] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7141] setpgid(0, 0) = 0 [pid 7141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7141] write(3, "1000", 4) = 4 [pid 7141] close(3) = 0 [pid 7141] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7141] memfd_create("syzkaller", 0) = 3 [pid 7141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./20/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 7139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] rmdir("./20/bus") = 0 [pid 5066] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./20/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./20") = 0 [pid 5066] mkdir("./21", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3 [pid 7138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7142 ./strace-static-x86_64: Process 7142 attached [pid 7142] set_robust_list(0x555556d0c660, 24) = 0 [pid 7142] chdir("./21") = 0 [pid 7142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7142] setpgid(0, 0) = 0 [pid 7142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7142] write(3, "1000", 4) = 4 [pid 7142] close(3) = 0 [pid 7141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7142] memfd_create("syzkaller", 0) = 3 [pid 7142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7137] <... write resumed>) = 16777216 [pid 7136] <... write resumed>) = 16777216 [pid 7136] munmap(0x7f716ab16000, 138412032) = 0 [pid 7138] <... write resumed>) = 16777216 [pid 7137] munmap(0x7f716ab16000, 138412032 [pid 7136] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7136] ioctl(4, LOOP_SET_FD, 3 [pid 7137] <... munmap resumed>) = 0 [pid 7138] munmap(0x7f716ab16000, 138412032 [pid 7137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7137] ioctl(4, LOOP_SET_FD, 3 [pid 7136] <... ioctl resumed>) = 0 [pid 7136] close(3) = 0 [pid 7136] mkdir("./bus", 0777) = 0 [pid 7136] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7138] <... munmap resumed>) = 0 [ 118.765516][ T7136] loop4: detected capacity change from 0 to 32768 [ 118.791800][ T7137] loop0: detected capacity change from 0 to 32768 [pid 7138] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7137] <... ioctl resumed>) = 0 [pid 7138] ioctl(4, LOOP_SET_FD, 3 [pid 7137] close(3) = 0 [pid 7137] mkdir("./bus", 0777) = 0 [pid 7142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 118.825367][ T7136] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7136) [ 118.841192][ T7138] loop3: detected capacity change from 0 to 32768 [pid 7137] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7139] <... write resumed>) = 16777216 [pid 7138] <... ioctl resumed>) = 0 [pid 7138] close(3 [pid 7139] munmap(0x7f716ab16000, 138412032) = 0 [pid 7138] <... close resumed>) = 0 [pid 7138] mkdir("./bus", 0777 [pid 7139] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 7138] <... mkdir resumed>) = 0 [pid 7138] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7141] <... write resumed>) = 16777216 [pid 7139] <... openat resumed>) = 4 [ 118.873497][ T7137] BTRFS: device /dev/loop0 using temp-fsid cfc7495c-8bac-4b19-a795-0a00c5a883c7 [ 118.885043][ T7136] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 118.895593][ T7137] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7137) [ 118.914348][ T7136] BTRFS info (device loop4): enabling auto defrag [pid 7141] munmap(0x7f716ab16000, 138412032 [pid 7139] ioctl(4, LOOP_SET_FD, 3 [pid 7141] <... munmap resumed>) = 0 [pid 7139] <... ioctl resumed>) = 0 [pid 7141] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7139] close(3 [pid 7141] <... openat resumed>) = 4 [pid 7139] <... close resumed>) = 0 [pid 7141] ioctl(4, LOOP_SET_FD, 3 [pid 7139] mkdir("./bus", 0777) = 0 [ 118.921484][ T7136] BTRFS info (device loop4): enabling disk space caching [ 118.929176][ T7139] loop5: detected capacity change from 0 to 32768 [ 118.932861][ T7136] BTRFS info (device loop4): max_inline at 0 [ 118.944208][ T7136] BTRFS info (device loop4): force clearing of disk cache [ 118.947425][ T7138] BTRFS: device /dev/loop3 using temp-fsid 545cd13f-69ab-440e-9a23-c9b82c0104ec [ 118.963130][ T7141] loop2: detected capacity change from 0 to 32768 [pid 7139] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7141] <... ioctl resumed>) = 0 [pid 7141] close(3) = 0 [pid 7141] mkdir("./bus", 0777) = 0 [ 118.970257][ T7138] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7138) [ 118.972948][ T7136] BTRFS info (device loop4): turning on sync discard [ 118.983631][ T7137] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 119.000059][ T7137] BTRFS info (device loop0): enabling auto defrag [ 119.006558][ T7136] BTRFS info (device loop4): disk space caching is enabled [ 119.016801][ T7139] BTRFS: device /dev/loop5 using temp-fsid c9736d86-9081-435e-b1c1-f01359406483 [ 119.028664][ T7139] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7139) [ 119.042048][ T7138] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 119.050985][ T7137] BTRFS info (device loop0): enabling disk space caching [ 119.059522][ T7138] BTRFS info (device loop3): enabling auto defrag [ 119.068500][ T7141] BTRFS: device /dev/loop2 using temp-fsid 35311720-659a-452e-af02-90e936f7436d [ 119.068933][ T7137] BTRFS info (device loop0): max_inline at 0 [ 119.085709][ T7139] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 119.085758][ T7138] BTRFS info (device loop3): enabling disk space caching [ 119.094246][ T7137] BTRFS info (device loop0): force clearing of disk cache [ 119.105911][ T7141] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7141) [ 119.108475][ T7139] BTRFS info (device loop5): enabling auto defrag [ 119.127589][ T7137] BTRFS info (device loop0): turning on sync discard [ 119.135022][ T7138] BTRFS info (device loop3): max_inline at 0 [ 119.142092][ T7138] BTRFS info (device loop3): force clearing of disk cache [ 119.151340][ T7137] BTRFS info (device loop0): disk space caching is enabled [ 119.160493][ T7141] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [pid 7141] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7142] <... write resumed>) = 16777216 [pid 7136] <... mount resumed>) = 0 [pid 7142] munmap(0x7f716ab16000, 138412032 [pid 7136] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7136] chdir("./bus") = 0 [pid 7136] ioctl(4, LOOP_CLR_FD) = 0 [pid 7142] <... munmap resumed>) = 0 [pid 7136] close(4) = 0 [pid 7136] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 119.161642][ T7139] BTRFS info (device loop5): enabling disk space caching [ 119.178090][ T7139] BTRFS info (device loop5): max_inline at 0 [ 119.182478][ T7138] BTRFS info (device loop3): turning on sync discard [ 119.185413][ T7139] BTRFS info (device loop5): force clearing of disk cache [ 119.198246][ T7141] BTRFS info (device loop2): enabling auto defrag [ 119.198646][ T7139] BTRFS info (device loop5): turning on sync discard [pid 7136] pwrite64(4, "2", 1, 55022 [pid 7142] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7142] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7139] <... mount resumed>) = 0 [pid 7136] <... pwrite64 resumed>) = 1 [pid 7142] close(3 [pid 7139] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7136] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7142] <... close resumed>) = 0 [pid 7139] <... openat resumed>) = 3 [pid 7136] <... openat resumed>) = 5 [pid 7139] chdir("./bus") = 0 [pid 7136] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7142] mkdir("./bus", 0777 [pid 7139] ioctl(4, LOOP_CLR_FD) = 0 [pid 7139] close(4 [pid 7136] <... write resumed>) = 65191 [pid 7139] <... close resumed>) = 0 [pid 7139] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7142] <... mkdir resumed>) = 0 [ 119.264622][ T7142] loop1: detected capacity change from 0 to 32768 [pid 7136] ftruncate(5, 43006 [pid 7142] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7139] <... open resumed>) = 4 [pid 7139] pwrite64(4, "2", 1, 55022 [pid 7136] <... ftruncate resumed>) = 0 [pid 7136] exit_group(0) = ? [pid 7136] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7136, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=30 /* 0.30 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 7138] <... mount resumed>) = 0 [pid 7138] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5069] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7138] chdir("./bus" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, [pid 7139] <... pwrite64 resumed>) = 1 [pid 7138] <... chdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7139] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7138] ioctl(4, LOOP_CLR_FD [pid 5069] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7139] <... openat resumed>) = 5 [pid 7138] <... ioctl resumed>) = 0 [pid 7138] close(4 [pid 7139] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7138] <... close resumed>) = 0 [pid 7139] <... write resumed>) = 65191 [pid 7138] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7138] pwrite64(4, "2", 1, 55022 [pid 7139] ftruncate(5, 43006) = 0 [ 119.327412][ T7142] BTRFS: device /dev/loop1 using temp-fsid e3d052b4-25e7-40c5-9924-898953edff06 [ 119.352122][ T7142] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7142) [pid 7139] exit_group(0) = ? [pid 7138] <... pwrite64 resumed>) = 1 [pid 7138] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7139] +++ exited with 0 +++ [pid 7138] <... openat resumed>) = 5 [pid 7138] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7139, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=32 /* 0.32 s */} --- [pid 7138] <... write resumed>) = 65191 [pid 7138] ftruncate(5, 43006 [pid 7137] <... mount resumed>) = 0 [pid 5070] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7138] <... ftruncate resumed>) = 0 [pid 7137] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5070] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7141] <... mount resumed>) = 0 [pid 7138] exit_group(0 [pid 7137] <... openat resumed>) = 3 [pid 7138] <... exit_group resumed>) = ? [pid 7141] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7138] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7138, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=29 /* 0.29 s */} --- [pid 7141] <... openat resumed>) = 3 [pid 7137] chdir("./bus" [pid 7141] chdir("./bus" [pid 7137] <... chdir resumed>) = 0 [pid 5068] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7141] <... chdir resumed>) = 0 [pid 7137] ioctl(4, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7141] ioctl(4, LOOP_CLR_FD [pid 7137] <... ioctl resumed>) = 0 [pid 7141] <... ioctl resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7141] close(4 [pid 7137] close(4 [pid 5068] <... openat resumed>) = 3 [pid 7141] <... close resumed>) = 0 [pid 7137] <... close resumed>) = 0 [pid 7141] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7137] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5068] newfstatat(3, "", [pid 7141] <... open resumed>) = 4 [pid 7137] pwrite64(4, "2", 1, 55022 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7141] pwrite64(4, "2", 1, 55022 [pid 7137] <... pwrite64 resumed>) = 1 [pid 7137] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7137] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7141] <... pwrite64 resumed>) = 1 [pid 7137] <... write resumed>) = 65191 [pid 7141] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7137] ftruncate(5, 43006 [pid 7141] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7141] ftruncate(5, 43006 [pid 7137] <... ftruncate resumed>) = 0 [pid 7141] <... ftruncate resumed>) = 0 [pid 7137] exit_group(0 [pid 7141] exit_group(0) = ? [pid 7137] <... exit_group resumed>) = ? [pid 7137] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7137, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=30 /* 0.30 s */} --- [pid 7141] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7141, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=29 /* 0.29 s */} --- [pid 5067] restart_syscall(<... resuming interrupted clone ...> [pid 5065] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... restart_syscall resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", [pid 5067] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... openat resumed>) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(AT_FDCWD, "./20/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5069] close(4) = 0 [pid 7142] <... mount resumed>) = 0 [pid 5069] rmdir("./20/bus" [pid 5068] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7142] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./19/bus", [pid 5069] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7142] chdir("./bus" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] newfstatat(AT_FDCWD, "./20/binderfs", [pid 7142] <... chdir resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./19/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7142] ioctl(4, LOOP_CLR_FD [pid 5069] unlink("./20/binderfs" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7142] <... ioctl resumed>) = 0 [pid 5070] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7142] close(4 [pid 5069] <... unlink resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7142] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7142] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5070] newfstatat(AT_FDCWD, "./20/bus", [pid 5069] getdents64(3, [pid 5068] <... openat resumed>) = 4 [pid 5068] newfstatat(4, "", [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7142] <... open resumed>) = 4 [pid 5070] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(3 [pid 5068] getdents64(4, [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] rmdir("./20" [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] getdents64(4, [pid 7142] pwrite64(4, "2", 1, 55022 [pid 5070] <... openat resumed>) = 4 [pid 5069] mkdir("./21", 0777 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] newfstatat(4, "", [pid 5068] close(4 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] rmdir("./19/bus" [pid 5070] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5068] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7142] <... pwrite64 resumed>) = 1 [pid 7142] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7142] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] close(4) = 0 [pid 5068] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 7142] ftruncate(5, 43006 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... close resumed>) = 0 [pid 5070] rmdir("./20/bus" [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] unlink("./19/binderfs" [pid 7142] <... ftruncate resumed>) = 0 [pid 7142] exit_group(0) = ? ./strace-static-x86_64: Process 7237 attached [pid 5070] <... rmdir resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5070] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 7237 [pid 7237] set_robust_list(0x555556d0c660, 24 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7237] <... set_robust_list resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5068] close(3 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... close resumed>) = 0 [pid 7237] chdir("./21" [pid 5070] unlink("./20/binderfs" [pid 5068] rmdir("./19" [pid 7142] +++ exited with 0 +++ [pid 5070] <... unlink resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7142, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=23 /* 0.23 s */} --- [pid 7237] <... chdir resumed>) = 0 [pid 5070] getdents64(3, [pid 5068] mkdir("./20", 0777 [pid 7237] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 7237] <... prctl resumed>) = 0 [pid 5070] close(3 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... close resumed>) = 0 [pid 7237] setpgid(0, 0 [pid 5070] rmdir("./20" [pid 5068] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7237] <... setpgid resumed>) = 0 [pid 7237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... rmdir resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5066] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... umount2 resumed>) = 0 [pid 7237] <... openat resumed>) = 3 [pid 5070] mkdir("./21", 0777 [pid 5068] <... ioctl resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5065] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7237] write(3, "1000", 4 [pid 5070] <... mkdir resumed>) = 0 [pid 5068] close(3 [pid 5066] newfstatat(3, "", [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7237] <... write resumed>) = 4 [pid 5068] <... close resumed>) = 0 [pid 7237] close(3 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 7238 attached [pid 7237] <... close resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] getdents64(3, [pid 5065] newfstatat(AT_FDCWD, "./20/bus", [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7238 [pid 5070] <... openat resumed>) = 3 [pid 7238] set_robust_list(0x555556d0c660, 24 [pid 7237] symlink("/dev/binderfs", "./binderfs" [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7238] <... set_robust_list resumed>) = 0 [pid 5065] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7237] <... symlink resumed>) = 0 [pid 5066] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7238] chdir("./20" [pid 7237] memfd_create("syzkaller", 0 [pid 5070] <... ioctl resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7238] <... chdir resumed>) = 0 [pid 7237] <... memfd_create resumed>) = 3 [pid 5070] close(3 [pid 5065] openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7238] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7238] <... prctl resumed>) = 0 [pid 7238] setpgid(0, 0 [pid 7237] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./20/bus") = 0 [pid 7238] <... setpgid resumed>) = 0 [pid 5065] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./20/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./20" [pid 7238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... rmdir resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] mkdir("./21", 0777 [pid 5067] newfstatat(AT_FDCWD, "./20/bus", [pid 7238] <... openat resumed>) = 3 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5067] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7238] write(3, "1000", 4) = 4 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7238] close(3 [pid 5067] openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7238] <... close resumed>) = 0 [pid 7238] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... openat resumed>) = 4 [pid 5065] <... openat resumed>) = 3 [pid 7238] <... symlink resumed>) = 0 [pid 5067] newfstatat(4, "", [pid 5065] ioctl(3, LOOP_CLR_FD [pid 7238] memfd_create("syzkaller", 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... ioctl resumed>) = 0 [pid 7238] <... memfd_create resumed>) = 3 [pid 5067] getdents64(4, [pid 5065] close(3 [pid 7238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7238] <... mmap resumed>) = 0x7f716ab16000 [pid 5067] getdents64(4, [pid 5065] <... close resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./20/bus") = 0 [pid 5067] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 7240 [pid 5067] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 7240 attached [pid 7240] set_robust_list(0x555556d0c660, 24 [pid 5067] unlink("./20/binderfs" [pid 7240] <... set_robust_list resumed>) = 0 [pid 7240] chdir("./21" [pid 5067] <... unlink resumed>) = 0 [pid 7240] <... chdir resumed>) = 0 [pid 5067] getdents64(3, [pid 7240] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./20") = 0 [pid 5067] mkdir("./21", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7240] <... prctl resumed>) = 0 [pid 7240] setpgid(0, 0) = 0 [pid 7240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 7242 attached [pid 7242] set_robust_list(0x555556d0c660, 24 [pid 7240] <... openat resumed>) = 3 [pid 7240] write(3, "1000", 4 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 7242 [pid 7240] <... write resumed>) = 4 [pid 7240] close(3) = 0 [pid 7240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7242] <... set_robust_list resumed>) = 0 [pid 7240] memfd_create("syzkaller", 0 [pid 7242] chdir("./21" [pid 7240] <... memfd_create resumed>) = 3 [pid 7242] <... chdir resumed>) = 0 [pid 7240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7242] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7240] <... mmap resumed>) = 0x7f716ab16000 [pid 7242] <... prctl resumed>) = 0 [pid 7242] setpgid(0, 0) = 0 [pid 7242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7242] write(3, "1000", 4) = 4 [pid 7242] close(3) = 0 [pid 7242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7242] memfd_create("syzkaller", 0) = 3 [pid 7242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./21/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./21/bus") = 0 [pid 5066] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./21/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./21") = 0 [pid 5066] mkdir("./22", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7243 attached [pid 7243] set_robust_list(0x555556d0c660, 24) = 0 [pid 7243] chdir("./22") = 0 [pid 7243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7243] setpgid(0, 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 7243 [pid 7243] <... setpgid resumed>) = 0 [pid 7243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7243] write(3, "1000", 4) = 4 [pid 7243] close(3) = 0 [pid 7243] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7243] memfd_create("syzkaller", 0) = 3 [pid 7243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7237] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... close resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7244 attached , child_tidptr=0x555556d0c650) = 7244 [pid 7244] set_robust_list(0x555556d0c660, 24) = 0 [pid 7244] chdir("./21") = 0 [pid 7244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7244] setpgid(0, 0) = 0 [pid 7244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7244] write(3, "1000", 4) = 4 [pid 7244] close(3) = 0 [pid 7244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7244] memfd_create("syzkaller", 0) = 3 [pid 7244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7243] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7237] <... write resumed>) = 16777216 [pid 7237] munmap(0x7f716ab16000, 138412032) = 0 [pid 7244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7237] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7237] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7237] close(3 [pid 7238] <... write resumed>) = 16777216 [pid 7237] <... close resumed>) = 0 [ 121.096850][ T7237] loop4: detected capacity change from 0 to 32768 [pid 7237] mkdir("./bus", 0777) = 0 [pid 7238] munmap(0x7f716ab16000, 138412032) = 0 [pid 7237] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7238] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7238] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7240] <... write resumed>) = 16777216 [pid 7240] munmap(0x7f716ab16000, 138412032) = 0 [pid 7242] <... write resumed>) = 16777216 [pid 7242] munmap(0x7f716ab16000, 138412032 [pid 7238] close(3) = 0 [pid 7238] mkdir("./bus", 0777 [ 121.161394][ T7237] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7237) [ 121.200467][ T7238] loop3: detected capacity change from 0 to 32768 [ 121.231583][ T7240] loop0: detected capacity change from 0 to 32768 [ 121.244429][ T7237] _btrfs_printk: 44 callbacks suppressed [ 121.244440][ T7237] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 121.245771][ T7238] BTRFS: device /dev/loop3 using temp-fsid 94097fd6-fb56-40e7-83ae-a1b6a36e7463 [ 121.250198][ T7237] BTRFS info (device loop4): enabling auto defrag [ 121.250219][ T7237] BTRFS info (device loop4): enabling disk space caching [pid 7240] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7240] ioctl(4, LOOP_SET_FD, 3 [pid 7238] <... mkdir resumed>) = 0 [pid 7238] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7242] <... munmap resumed>) = 0 [pid 7240] <... ioctl resumed>) = 0 [pid 7240] close(3 [pid 7242] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7240] <... close resumed>) = 0 [pid 7240] mkdir("./bus", 0777 [pid 7242] <... openat resumed>) = 4 [pid 7242] ioctl(4, LOOP_SET_FD, 3 [pid 7240] <... mkdir resumed>) = 0 [pid 7240] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7242] <... ioctl resumed>) = 0 [pid 7242] close(3) = 0 [pid 7243] <... write resumed>) = 16777216 [ 121.250264][ T7237] BTRFS info (device loop4): max_inline at 0 [ 121.281588][ T7238] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7238) [ 121.310835][ T7242] loop2: detected capacity change from 0 to 32768 [ 121.320122][ T7237] BTRFS info (device loop4): force clearing of disk cache [pid 7243] munmap(0x7f716ab16000, 138412032 [pid 7242] mkdir("./bus", 0777) = 0 [pid 7243] <... munmap resumed>) = 0 [pid 7242] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7243] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7243] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7243] close(3) = 0 [ 121.327755][ T7237] BTRFS info (device loop4): turning on sync discard [ 121.340377][ T7237] BTRFS info (device loop4): disk space caching is enabled [ 121.352092][ T7243] loop1: detected capacity change from 0 to 32768 [ 121.364268][ T7240] BTRFS: device /dev/loop0 using temp-fsid c4f181f1-6382-4172-bac8-d3bc4119d555 [pid 7243] mkdir("./bus", 0777) = 0 [ 121.375552][ T7240] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7240) [ 121.388504][ T7238] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 121.399200][ T7238] BTRFS info (device loop3): enabling auto defrag [ 121.399813][ T7242] BTRFS: device /dev/loop2 using temp-fsid e5b16a06-cb4a-4da9-b9a1-b1f060c73796 [ 121.405694][ T7238] BTRFS info (device loop3): enabling disk space caching [ 121.422925][ T7238] BTRFS info (device loop3): max_inline at 0 [ 121.432207][ T7240] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 121.436076][ T7242] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7242) [ 121.443120][ T7240] BTRFS info (device loop0): enabling auto defrag [ 121.460026][ T7238] BTRFS info (device loop3): force clearing of disk cache [ 121.467266][ T7238] BTRFS info (device loop3): turning on sync discard [ 121.474034][ T7240] BTRFS info (device loop0): enabling disk space caching [ 121.481173][ T7238] BTRFS info (device loop3): disk space caching is enabled [ 121.488474][ T7240] BTRFS info (device loop0): max_inline at 0 [ 121.494885][ T7240] BTRFS info (device loop0): force clearing of disk cache [ 121.503545][ T7240] BTRFS info (device loop0): turning on sync discard [ 121.511241][ T7240] BTRFS info (device loop0): disk space caching is enabled [pid 7243] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7244] <... write resumed>) = 16777216 [ 121.525868][ T7243] BTRFS: device /dev/loop1 using temp-fsid 4060ad76-7c88-478a-96cd-924cf4757394 [ 121.536305][ T7243] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7243) [ 121.536894][ T7242] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 121.562140][ T7243] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 121.568882][ T7242] BTRFS info (device loop2): enabling auto defrag [pid 7244] munmap(0x7f716ab16000, 138412032) = 0 [pid 7244] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 121.577285][ T7243] BTRFS info (device loop1): enabling auto defrag [ 121.579419][ T7242] BTRFS info (device loop2): enabling disk space caching [ 121.585399][ T7243] BTRFS info (device loop1): enabling disk space caching [ 121.598891][ T7242] BTRFS info (device loop2): max_inline at 0 [ 121.599476][ T7243] BTRFS info (device loop1): max_inline at 0 [ 121.608859][ T7242] BTRFS info (device loop2): force clearing of disk cache [ 121.611678][ T7243] BTRFS info (device loop1): force clearing of disk cache [ 121.623807][ T7237] BTRFS info (device loop4): enabling ssd optimizations [pid 7244] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7244] close(3) = 0 [pid 7244] mkdir("./bus", 0777) = 0 [ 121.626005][ T7243] BTRFS info (device loop1): turning on sync discard [ 121.633746][ T7244] loop5: detected capacity change from 0 to 32768 [ 121.640302][ T7243] BTRFS info (device loop1): disk space caching is enabled [ 121.647122][ T7242] BTRFS info (device loop2): turning on sync discard [ 121.660287][ T7242] BTRFS info (device loop2): disk space caching is enabled [ 121.663537][ T7237] BTRFS info (device loop4): rebuilding free space tree [ 121.672523][ T7240] BTRFS info (device loop0): enabling ssd optimizations [ 121.680251][ T7237] BTRFS info (device loop4): disabling free space tree [ 121.689136][ T7237] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 121.692784][ T7238] BTRFS info (device loop3): enabling ssd optimizations [ 121.705747][ T7237] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 121.717249][ T7244] BTRFS: device /dev/loop5 using temp-fsid f380b004-cb62-4846-81e7-733102205690 [ 121.732197][ T7240] BTRFS info (device loop0): rebuilding free space tree [ 121.732719][ T7244] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7244) [ 121.751593][ T7240] BTRFS info (device loop0): disabling free space tree [ 121.759228][ T7240] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 121.763140][ T7244] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [pid 7244] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7237] <... mount resumed>) = 0 [pid 7237] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7237] chdir("./bus") = 0 [pid 7237] ioctl(4, LOOP_CLR_FD) = 0 [pid 7237] close(4) = 0 [pid 7237] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7237] pwrite64(4, "2", 1, 55022) = 1 [pid 7237] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7237] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 121.770687][ T7240] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 121.778277][ T7238] BTRFS info (device loop3): rebuilding free space tree [ 121.787601][ T7244] BTRFS info (device loop5): enabling auto defrag [ 121.802367][ T7244] BTRFS info (device loop5): enabling disk space caching [ 121.809452][ T7244] BTRFS info (device loop5): max_inline at 0 [ 121.817252][ T7244] BTRFS info (device loop5): force clearing of disk cache [ 121.827003][ T7244] BTRFS info (device loop5): turning on sync discard [pid 7237] ftruncate(5, 43006) = 0 [pid 7237] exit_group(0) = ? [pid 7237] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7237, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=41 /* 0.41 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 121.849668][ T7244] BTRFS info (device loop5): disk space caching is enabled [ 121.857735][ T7242] BTRFS info (device loop2): enabling ssd optimizations [ 121.865361][ T7243] BTRFS info (device loop1): enabling ssd optimizations [ 121.873381][ T7242] BTRFS info (device loop2): rebuilding free space tree [ 121.883025][ T7238] BTRFS info (device loop3): disabling free space tree [ 121.883305][ T7243] BTRFS info (device loop1): rebuilding free space tree [pid 5069] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7240] <... mount resumed>) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7240] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5069] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7240] <... openat resumed>) = 3 [pid 7240] chdir("./bus") = 0 [pid 7240] ioctl(4, LOOP_CLR_FD) = 0 [pid 7240] close(4) = 0 [pid 7240] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 121.889912][ T7238] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 121.902129][ T7242] BTRFS info (device loop2): disabling free space tree [ 121.918868][ T7242] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 121.929038][ T7242] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 121.941513][ T7243] BTRFS info (device loop1): disabling free space tree [pid 7240] pwrite64(4, "2", 1, 55022) = 1 [pid 7240] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7242] <... mount resumed>) = 0 [pid 7242] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7242] chdir("./bus") = 0 [pid 7242] ioctl(4, LOOP_CLR_FD) = 0 [pid 7242] close(4 [pid 7240] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7238] <... mount resumed>) = 0 [pid 7242] <... close resumed>) = 0 [pid 7240] <... write resumed>) = 65191 [pid 7238] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7242] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7238] <... openat resumed>) = 3 [pid 7242] <... open resumed>) = 4 [pid 7238] chdir("./bus" [pid 7242] pwrite64(4, "2", 1, 55022 [pid 7240] ftruncate(5, 43006 [pid 7238] <... chdir resumed>) = 0 [pid 7238] ioctl(4, LOOP_CLR_FD) = 0 [ 121.942747][ T7238] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 7238] close(4) = 0 [pid 7238] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7240] <... ftruncate resumed>) = 0 [pid 7238] <... open resumed>) = 4 [pid 7240] exit_group(0) = ? [pid 7238] pwrite64(4, "2", 1, 55022 [pid 7240] +++ exited with 0 +++ [pid 7242] <... pwrite64 resumed>) = 1 [pid 7242] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7240, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=34 /* 0.34 s */} --- [pid 7242] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7238] <... pwrite64 resumed>) = 1 [pid 5065] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7242] <... write resumed>) = 65191 [pid 7238] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7242] ftruncate(5, 43006 [pid 7238] <... openat resumed>) = 5 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7238] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5065] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7238] ftruncate(5, 43006 [pid 5065] <... openat resumed>) = 3 [pid 7242] <... ftruncate resumed>) = 0 [pid 7238] <... ftruncate resumed>) = 0 [pid 7242] exit_group(0 [pid 5065] newfstatat(3, "", [pid 7242] <... exit_group resumed>) = ? [pid 7238] exit_group(0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7242] +++ exited with 0 +++ [pid 7238] <... exit_group resumed>) = ? [ 122.023653][ T7244] BTRFS info (device loop5): enabling ssd optimizations [ 122.024464][ T7243] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 122.042693][ T7244] BTRFS info (device loop5): rebuilding free space tree [pid 7238] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7242, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=42 /* 0.42 s */} --- [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7238, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=37 /* 0.37 s */} --- [pid 5068] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 3 [pid 5067] <... openat resumed>) = 3 [pid 5068] newfstatat(3, "", [pid 5067] newfstatat(3, "", [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, [pid 5067] getdents64(3, [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 122.100267][ T7243] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 122.119322][ T7244] BTRFS info (device loop5): disabling free space tree [pid 5067] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7243] <... mount resumed>) = 0 [pid 7243] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] <... umount2 resumed>) = 0 [pid 7243] chdir("./bus") = 0 [pid 7243] ioctl(4, LOOP_CLR_FD) = 0 [pid 7243] close(4 [pid 5065] <... umount2 resumed>) = 0 [pid 5068] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7243] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 122.180031][ T7244] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 122.218291][ T7244] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 7243] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] newfstatat(AT_FDCWD, "./20/bus", [pid 7243] <... open resumed>) = 4 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./20/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] newfstatat(AT_FDCWD, "./21/bus", [pid 5068] <... openat resumed>) = 4 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7243] pwrite64(4, "2", 1, 55022 [pid 5068] getdents64(4, [pid 5065] <... openat resumed>) = 4 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] getdents64(4, [pid 5068] close(4 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] <... close resumed>) = 0 [pid 5065] getdents64(4, [pid 5068] rmdir("./20/bus" [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./21/bus" [pid 5068] <... rmdir resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5068] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5065] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./20/binderfs" [pid 5065] unlink("./21/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5065] close(3 [pid 5068] getdents64(3, [pid 5065] <... close resumed>) = 0 [pid 5065] rmdir("./21") = 0 [pid 5065] mkdir("./22", 0777 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5068] close(3 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5068] <... close resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 7243] <... pwrite64 resumed>) = 1 [pid 5068] rmdir("./20" [pid 5067] <... umount2 resumed>) = 0 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 7243] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5068] <... rmdir resumed>) = 0 [pid 5065] <... ioctl resumed>) = 0 [pid 5068] mkdir("./21", 0777 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7243] <... openat resumed>) = 5 [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7243] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] <... openat resumed>) = 3 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 7338 [pid 5068] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 7338 attached [pid 7243] <... write resumed>) = 65191 [pid 5068] <... ioctl resumed>) = 0 [pid 5067] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(3 [pid 7338] set_robust_list(0x555556d0c660, 24 [pid 5068] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7243] ftruncate(5, 43006 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7338] <... set_robust_list resumed>) = 0 [pid 7338] chdir("./22") = 0 [pid 7338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7338] setpgid(0, 0) = 0 [pid 7338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7338] write(3, "1000", 4) = 4 [pid 7338] close(3) = 0 [pid 5067] newfstatat(AT_FDCWD, "./21/bus", [pid 7338] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7338] memfd_create("syzkaller", 0 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 7340 attached [pid 7338] <... memfd_create resumed>) = 3 [pid 7244] <... mount resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7340 [pid 7244] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7244] chdir("./bus" [pid 7340] set_robust_list(0x555556d0c660, 24 [pid 7338] <... mmap resumed>) = 0x7f716ab16000 [pid 7243] <... ftruncate resumed>) = 0 [pid 5067] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7340] <... set_robust_list resumed>) = 0 [pid 7244] <... chdir resumed>) = 0 [pid 7243] exit_group(0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7243] <... exit_group resumed>) = ? [pid 7244] ioctl(4, LOOP_CLR_FD) = 0 [pid 7244] close(4) = 0 [pid 7244] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7340] chdir("./21" [pid 7244] <... open resumed>) = 4 [pid 7243] +++ exited with 0 +++ [pid 5067] newfstatat(4, "", [pid 7340] <... chdir resumed>) = 0 [pid 7340] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7243, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=37 /* 0.37 s */} --- [pid 7340] <... prctl resumed>) = 0 [pid 5067] getdents64(4, [pid 7340] setpgid(0, 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] getdents64(4, [pid 7340] <... setpgid resumed>) = 0 [pid 7340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] close(4 [pid 7244] pwrite64(4, "2", 1, 55022 [pid 5066] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... close resumed>) = 0 [pid 7340] <... openat resumed>) = 3 [pid 5067] rmdir("./21/bus" [pid 5066] <... openat resumed>) = 3 [pid 7340] write(3, "1000", 4) = 4 [pid 5067] <... rmdir resumed>) = 0 [pid 5066] newfstatat(3, "", [pid 7340] close(3 [pid 5067] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7340] <... close resumed>) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7340] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7340] <... symlink resumed>) = 0 [pid 5067] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7340] memfd_create("syzkaller", 0 [pid 5067] unlink("./21/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7340] <... memfd_create resumed>) = 3 [pid 5067] close(3) = 0 [pid 5067] rmdir("./21") = 0 [pid 5067] mkdir("./22", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... openat resumed>) = 3 [pid 7340] <... mmap resumed>) = 0x7f716ab16000 [pid 7244] <... pwrite64 resumed>) = 1 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 7244] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7244] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7244] ftruncate(5, 43006) = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 7244] exit_group(0 [pid 5067] close(3 [pid 7244] <... exit_group resumed>) = ? [pid 5067] <... close resumed>) = 0 [pid 7244] +++ exited with 0 +++ [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7342 ./strace-static-x86_64: Process 7342 attached [pid 7342] set_robust_list(0x555556d0c660, 24) = 0 [pid 7342] chdir("./22") = 0 [pid 7342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7342] setpgid(0, 0) = 0 [pid 7342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7342] write(3, "1000", 4) = 4 [pid 7342] close(3) = 0 [pid 7342] symlink("/dev/binderfs", "./binderfs" [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7244, si_uid=0, si_status=0, si_utime=0, si_stime=38 /* 0.38 s */} --- [pid 7342] <... symlink resumed>) = 0 [pid 7342] memfd_create("syzkaller", 0) = 3 [pid 7342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5070] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5069] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./21/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7338] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5069] openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./21/bus") = 0 [pid 5069] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./21/binderfs") = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./21") = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5069] mkdir("./22", 0777 [pid 5070] <... umount2 resumed>) = 0 [pid 5066] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... mkdir resumed>) = 0 [pid 5070] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 3 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5070] newfstatat(AT_FDCWD, "./21/bus", [pid 5066] newfstatat(AT_FDCWD, "./22/bus", [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", [pid 5070] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./22/bus" [pid 5070] <... openat resumed>) = 4 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5066] <... rmdir resumed>) = 0 [pid 5069] close(3 [pid 5066] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./22/binderfs") = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./22") = 0 [pid 5066] mkdir("./23", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 7344 ./strace-static-x86_64: Process 7344 attached [pid 5070] getdents64(4, ./strace-static-x86_64: Process 7345 attached [pid 7345] set_robust_list(0x555556d0c660, 24) = 0 [pid 7345] chdir("./22") = 0 [pid 7340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 7345 [pid 7345] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7345] <... prctl resumed>) = 0 [pid 7345] setpgid(0, 0 [pid 5070] getdents64(4, [pid 7345] <... setpgid resumed>) = 0 [pid 7345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7344] set_robust_list(0x555556d0c660, 24) = 0 [pid 7344] chdir("./23" [pid 7345] write(3, "1000", 4 [pid 7344] <... chdir resumed>) = 0 [pid 7345] <... write resumed>) = 4 [pid 7344] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7345] close(3 [pid 7344] <... prctl resumed>) = 0 [pid 7345] <... close resumed>) = 0 [pid 7344] setpgid(0, 0 [pid 7345] symlink("/dev/binderfs", "./binderfs" [pid 7344] <... setpgid resumed>) = 0 [pid 7345] <... symlink resumed>) = 0 [pid 7344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7345] memfd_create("syzkaller", 0 [pid 7344] <... openat resumed>) = 3 [pid 5070] close(4) = 0 [pid 7345] <... memfd_create resumed>) = 3 [pid 7344] write(3, "1000", 4 [pid 7342] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7344] <... write resumed>) = 4 [pid 7345] <... mmap resumed>) = 0x7f716ab16000 [pid 7344] close(3 [pid 5070] rmdir("./21/bus" [pid 7344] <... close resumed>) = 0 [pid 7344] symlink("/dev/binderfs", "./binderfs" [pid 5070] <... rmdir resumed>) = 0 [pid 7344] <... symlink resumed>) = 0 [pid 7344] memfd_create("syzkaller", 0 [pid 5070] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7344] <... memfd_create resumed>) = 3 [pid 7344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./21/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./21") = 0 [pid 5070] mkdir("./22", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7346 attached [pid 7346] set_robust_list(0x555556d0c660, 24) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 7346 [pid 7346] chdir("./22") = 0 [pid 7346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7346] setpgid(0, 0) = 0 [pid 7346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7346] write(3, "1000", 4) = 4 [pid 7346] close(3) = 0 [pid 7346] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7346] memfd_create("syzkaller", 0) = 3 [pid 7346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7338] <... write resumed>) = 16777216 [pid 7345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7338] munmap(0x7f716ab16000, 138412032) = 0 [pid 7344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7338] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7338] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7338] close(3) = 0 [pid 7338] mkdir("./bus", 0777) = 0 [ 123.544544][ T7338] loop0: detected capacity change from 0 to 32768 [ 123.600642][ T7338] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7338) [pid 7338] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7340] <... write resumed>) = 16777216 [pid 7340] munmap(0x7f716ab16000, 138412032) = 0 [pid 7340] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 123.690038][ T7338] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 123.710889][ T7338] BTRFS info (device loop0): enabling auto defrag [ 123.722129][ T7340] loop3: detected capacity change from 0 to 32768 [pid 7340] ioctl(4, LOOP_SET_FD, 3 [pid 7342] <... write resumed>) = 16777216 [pid 7340] <... ioctl resumed>) = 0 [pid 7340] close(3 [pid 7342] munmap(0x7f716ab16000, 138412032) = 0 [pid 7340] <... close resumed>) = 0 [pid 7340] mkdir("./bus", 0777) = 0 [pid 7340] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7342] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 123.742537][ T7338] BTRFS info (device loop0): enabling disk space caching [ 123.750880][ T7338] BTRFS info (device loop0): max_inline at 0 [ 123.775013][ T7340] BTRFS: device /dev/loop3 using temp-fsid 94658f7b-dfcc-4ee0-9184-c0348043d3fe [pid 7342] ioctl(4, LOOP_SET_FD, 3 [pid 7346] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7342] <... ioctl resumed>) = 0 [pid 7342] close(3) = 0 [pid 7342] mkdir("./bus", 0777) = 0 [ 123.787679][ T7342] loop2: detected capacity change from 0 to 32768 [ 123.794273][ T7338] BTRFS info (device loop0): force clearing of disk cache [ 123.804245][ T7340] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7340) [ 123.827432][ T7342] BTRFS: device /dev/loop2 using temp-fsid 38cd0eeb-7912-4e3c-af70-c0617d18a767 [ 123.837407][ T7340] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 123.877662][ T7342] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7342) [ 123.891648][ T7340] BTRFS info (device loop3): enabling auto defrag [ 123.898755][ T7340] BTRFS info (device loop3): enabling disk space caching [ 123.906541][ T7338] BTRFS info (device loop0): turning on sync discard [ 123.920064][ T7338] BTRFS info (device loop0): disk space caching is enabled [ 123.926066][ T7342] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 123.928602][ T7340] BTRFS info (device loop3): max_inline at 0 [ 123.960568][ T7340] BTRFS info (device loop3): force clearing of disk cache [ 123.961865][ T7342] BTRFS info (device loop2): enabling auto defrag [ 123.968938][ T7340] BTRFS info (device loop3): turning on sync discard [ 123.993941][ T7340] BTRFS info (device loop3): disk space caching is enabled [ 124.005500][ T7342] BTRFS info (device loop2): enabling disk space caching [ 124.016506][ T7342] BTRFS info (device loop2): max_inline at 0 [ 124.025443][ T7342] BTRFS info (device loop2): force clearing of disk cache [ 124.032633][ T7342] BTRFS info (device loop2): turning on sync discard [ 124.041259][ T7338] BTRFS info (device loop0): enabling ssd optimizations [ 124.041616][ T7342] BTRFS info (device loop2): disk space caching is enabled [ 124.061936][ T7338] BTRFS info (device loop0): rebuilding free space tree [pid 7342] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7345] <... write resumed>) = 16777216 [pid 7345] munmap(0x7f716ab16000, 138412032) = 0 [pid 7344] <... write resumed>) = 16777216 [ 124.077018][ T7340] BTRFS info (device loop3): enabling ssd optimizations [ 124.091309][ T7340] BTRFS info (device loop3): rebuilding free space tree [ 124.102570][ T7338] BTRFS info (device loop0): disabling free space tree [ 124.109493][ T7338] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 7345] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7345] ioctl(4, LOOP_SET_FD, 3 [pid 7340] <... mount resumed>) = 0 [pid 7340] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7344] munmap(0x7f716ab16000, 138412032 [pid 7340] <... openat resumed>) = 3 [pid 7345] <... ioctl resumed>) = 0 [pid 7345] close(3 [pid 7340] chdir("./bus" [pid 7345] <... close resumed>) = 0 [pid 7340] <... chdir resumed>) = 0 [pid 7345] mkdir("./bus", 0777 [pid 7340] ioctl(4, LOOP_CLR_FD [pid 7345] <... mkdir resumed>) = 0 [pid 7340] <... ioctl resumed>) = 0 [ 124.127015][ T7340] BTRFS info (device loop3): disabling free space tree [ 124.130681][ T7345] loop4: detected capacity change from 0 to 32768 [pid 7345] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7344] <... munmap resumed>) = 0 [pid 7340] close(4) = 0 [pid 7344] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7344] ioctl(4, LOOP_SET_FD, 3 [pid 7340] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7338] <... mount resumed>) = 0 [pid 7338] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7338] chdir("./bus" [pid 7340] <... open resumed>) = 4 [pid 7338] <... chdir resumed>) = 0 [pid 7338] ioctl(4, LOOP_CLR_FD [pid 7340] pwrite64(4, "2", 1, 55022 [pid 7338] <... ioctl resumed>) = 0 [pid 7338] close(4 [pid 7346] <... write resumed>) = 16777216 [pid 7344] <... ioctl resumed>) = 0 [pid 7342] <... mount resumed>) = 0 [pid 7340] <... pwrite64 resumed>) = 1 [pid 7338] <... close resumed>) = 0 [pid 7342] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7340] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7342] <... openat resumed>) = 3 [pid 7340] <... openat resumed>) = 5 [pid 7342] chdir("./bus" [pid 7340] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7342] <... chdir resumed>) = 0 [pid 7340] <... write resumed>) = 65191 [pid 7342] ioctl(4, LOOP_CLR_FD [pid 7340] ftruncate(5, 43006 [pid 7342] <... ioctl resumed>) = 0 [pid 7340] <... ftruncate resumed>) = 0 [pid 7342] close(4) = 0 [pid 7340] exit_group(0 [pid 7342] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7340] <... exit_group resumed>) = ? [pid 7342] <... open resumed>) = 4 [pid 7346] munmap(0x7f716ab16000, 138412032 [pid 7344] close(3 [pid 7342] pwrite64(4, "2", 1, 55022 [pid 7340] +++ exited with 0 +++ [pid 7338] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7344] <... close resumed>) = 0 [pid 7344] mkdir("./bus", 0777 [pid 7338] <... open resumed>) = 4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7340, si_uid=0, si_status=0, si_utime=0, si_stime=41 /* 0.41 s */} --- [pid 7344] <... mkdir resumed>) = 0 [pid 5068] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7344] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7338] pwrite64(4, "2", 1, 55022 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 124.172964][ T7344] loop1: detected capacity change from 0 to 32768 [ 124.183131][ T7345] BTRFS: device /dev/loop4 using temp-fsid f98b6acf-2c01-4806-aff0-c76641d0ac5c [ 124.208189][ T7345] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7345) [pid 7342] <... pwrite64 resumed>) = 1 [pid 5068] newfstatat(3, "", [pid 7342] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7342] <... openat resumed>) = 5 [pid 7342] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] getdents64(3, [pid 7342] <... write resumed>) = 65191 [pid 5068] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7342] ftruncate(5, 43006 [pid 5068] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7346] <... munmap resumed>) = 0 [pid 7346] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 7346] ioctl(4, LOOP_SET_FD, 3 [pid 7342] <... ftruncate resumed>) = 0 [pid 7338] <... pwrite64 resumed>) = 1 [pid 7338] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7342] exit_group(0) = ? [pid 7342] +++ exited with 0 +++ [pid 7338] <... openat resumed>) = 5 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7342, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=29 /* 0.29 s */} --- [pid 7338] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5067] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7338] <... write resumed>) = 65191 [pid 5067] <... openat resumed>) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7346] <... ioctl resumed>) = 0 [ 124.245796][ T7344] BTRFS: device /dev/loop1 using temp-fsid 1c4c5589-54c8-4535-86c1-f01e2e515205 [ 124.261594][ T7346] loop5: detected capacity change from 0 to 32768 [pid 7346] close(3 [pid 7338] ftruncate(5, 43006 [pid 5067] getdents64(3, [pid 7346] <... close resumed>) = 0 [pid 7346] mkdir("./bus", 0777) = 0 [pid 7346] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7338] <... ftruncate resumed>) = 0 [pid 5067] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7338] exit_group(0) = ? [pid 7338] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7338, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=29 /* 0.29 s */} --- [pid 5065] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 124.285788][ T7344] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7344) [ 124.311636][ T7346] BTRFS: device /dev/loop5 using temp-fsid 1ed9e05e-5b3c-4f71-ac46-5669ab45f979 [ 124.327633][ T7346] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7346) [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7345] <... mount resumed>) = 0 [pid 5068] newfstatat(AT_FDCWD, "./21/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./21/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7345] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7345] <... openat resumed>) = 3 [pid 5068] getdents64(4, [pid 7345] chdir("./bus" [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7345] <... chdir resumed>) = 0 [pid 7345] ioctl(4, LOOP_CLR_FD) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7345] close(4 [pid 5068] close(4) = 0 [pid 5068] rmdir("./21/bus") = 0 [pid 5068] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7345] <... close resumed>) = 0 [pid 5068] newfstatat(AT_FDCWD, "./21/binderfs", [pid 7345] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./21/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./21" [pid 7345] <... open resumed>) = 4 [pid 5068] <... rmdir resumed>) = 0 [pid 7345] pwrite64(4, "2", 1, 55022 [pid 5068] mkdir("./22", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7436 attached [pid 7345] <... pwrite64 resumed>) = 1 [pid 7345] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7436] set_robust_list(0x555556d0c660, 24 [pid 7345] <... openat resumed>) = 5 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7436 [pid 7436] <... set_robust_list resumed>) = 0 [pid 7345] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7436] chdir("./22" [pid 7345] <... write resumed>) = 65191 [pid 7436] <... chdir resumed>) = 0 [pid 7345] ftruncate(5, 43006 [pid 7436] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... umount2 resumed>) = 0 [pid 7436] <... prctl resumed>) = 0 [pid 7436] setpgid(0, 0) = 0 [pid 5065] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7345] <... ftruncate resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7345] exit_group(0 [pid 5065] newfstatat(AT_FDCWD, "./22/bus", [pid 7436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7436] <... openat resumed>) = 3 [pid 7345] <... exit_group resumed>) = ? [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7345] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7345, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=23 /* 0.23 s */} --- [pid 7436] write(3, "1000", 4 [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5065] openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... restart_syscall resumed>) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5069] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] newfstatat(4, "", [pid 7436] <... write resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7436] close(3 [pid 5069] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7436] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 7436] symlink("/dev/binderfs", "./binderfs" [pid 5069] newfstatat(3, "", [pid 5065] getdents64(4, [pid 7436] <... symlink resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7436] memfd_create("syzkaller", 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7436] <... memfd_create resumed>) = 3 [pid 5069] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] getdents64(4, [pid 7436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(4) = 0 [pid 5065] rmdir("./22/bus") = 0 [pid 5065] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5067] <... umount2 resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./22/binderfs" [pid 5067] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... unlink resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] newfstatat(AT_FDCWD, "./22/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] close(3 [pid 5067] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... close resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] rmdir("./22" [pid 5067] openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5065] <... rmdir resumed>) = 0 [pid 5067] newfstatat(4, "", [pid 5065] mkdir("./23", 0777 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] <... mkdir resumed>) = 0 [pid 5067] getdents64(4, [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] ioctl(3, LOOP_CLR_FD [pid 5067] getdents64(4, [pid 5065] <... ioctl resumed>) = 0 [pid 7344] <... mount resumed>) = 0 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5065] close(3 [pid 5067] close(4 [pid 5065] <... close resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5067] rmdir("./22/bus" [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 7439 attached [pid 7344] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5067] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 7439 [pid 7439] set_robust_list(0x555556d0c660, 24 [pid 7344] <... openat resumed>) = 3 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7439] <... set_robust_list resumed>) = 0 [pid 7439] chdir("./23") = 0 [pid 5067] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7439] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7439] setpgid(0, 0) = 0 [pid 7439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7344] chdir("./bus" [pid 5067] unlink("./22/binderfs" [pid 7344] <... chdir resumed>) = 0 [pid 7439] <... openat resumed>) = 3 [pid 7344] ioctl(4, LOOP_CLR_FD [pid 5067] <... unlink resumed>) = 0 [pid 7439] write(3, "1000", 4 [pid 7344] <... ioctl resumed>) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7344] close(4 [pid 7439] <... write resumed>) = 4 [pid 7344] <... close resumed>) = 0 [pid 5067] close(3 [pid 7439] close(3) = 0 [pid 7439] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7344] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5067] <... close resumed>) = 0 [pid 7439] memfd_create("syzkaller", 0) = 3 [pid 7439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5067] rmdir("./22" [pid 7344] <... open resumed>) = 4 [pid 5067] <... rmdir resumed>) = 0 [pid 5067] mkdir("./23", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 7344] pwrite64(4, "2", 1, 55022 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7443 ./strace-static-x86_64: Process 7443 attached [pid 7443] set_robust_list(0x555556d0c660, 24) = 0 [pid 7344] <... pwrite64 resumed>) = 1 [pid 5069] <... umount2 resumed>) = 0 [pid 7443] chdir("./23" [pid 7344] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5069] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7443] <... chdir resumed>) = 0 [pid 7443] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./22/bus", [pid 7443] <... prctl resumed>) = 0 [pid 7346] <... mount resumed>) = 0 [pid 7344] <... openat resumed>) = 5 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7346] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7443] setpgid(0, 0 [pid 7344] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5069] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7443] <... setpgid resumed>) = 0 [pid 7443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7346] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 4 [pid 7346] chdir("./bus" [pid 5069] newfstatat(4, "", [pid 7443] <... openat resumed>) = 3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7443] write(3, "1000", 4 [pid 5069] getdents64(4, [pid 7443] <... write resumed>) = 4 [pid 7346] <... chdir resumed>) = 0 [pid 7344] <... write resumed>) = 65191 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7346] ioctl(4, LOOP_CLR_FD) = 0 [pid 7346] close(4) = 0 [pid 7346] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7346] pwrite64(4, "2", 1, 55022 [pid 7443] close(3 [pid 7344] ftruncate(5, 43006 [pid 5069] getdents64(4, [pid 7443] <... close resumed>) = 0 [pid 7344] <... ftruncate resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7443] symlink("/dev/binderfs", "./binderfs" [pid 5069] close(4 [pid 7344] exit_group(0 [pid 5069] <... close resumed>) = 0 [pid 7443] <... symlink resumed>) = 0 [pid 7436] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7344] <... exit_group resumed>) = ? [pid 5069] rmdir("./22/bus") = 0 [pid 7344] +++ exited with 0 +++ [pid 7443] memfd_create("syzkaller", 0 [pid 5069] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7344, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=25 /* 0.25 s */} --- [pid 7443] <... memfd_create resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 7443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 7346] <... pwrite64 resumed>) = 1 [pid 5069] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5066] <... restart_syscall resumed>) = 0 [pid 7346] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7443] <... mmap resumed>) = 0x7f716ab16000 [pid 7346] <... openat resumed>) = 5 [pid 5069] unlink("./22/binderfs" [pid 7346] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5069] <... unlink resumed>) = 0 [pid 5066] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] close(3) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5069] rmdir("./22" [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, [pid 7346] <... write resumed>) = 65191 [pid 5069] <... rmdir resumed>) = 0 [pid 5069] mkdir("./23", 0777 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7346] ftruncate(5, 43006 [pid 5069] <... mkdir resumed>) = 0 [pid 7346] <... ftruncate resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 7346] exit_group(0) = ? [pid 5069] <... ioctl resumed>) = 0 [pid 7346] +++ exited with 0 +++ [pid 5069] close(3) = 0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7346, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} --- [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 7445 [pid 5070] <... openat resumed>) = 3 [pid 5070] newfstatat(3, "", ./strace-static-x86_64: Process 7445 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, [pid 7445] set_robust_list(0x555556d0c660, 24) = 0 [pid 7445] chdir("./23" [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7445] <... chdir resumed>) = 0 [pid 5070] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7445] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7445] setpgid(0, 0) = 0 [pid 7445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7445] write(3, "1000", 4) = 4 [pid 7445] close(3) = 0 [pid 7445] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7445] memfd_create("syzkaller", 0) = 3 [pid 7445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7439] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./23/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./23/bus") = 0 [pid 5066] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./23/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./23") = 0 [pid 5066] mkdir("./24", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... umount2 resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 7447 ./strace-static-x86_64: Process 7447 attached [pid 7447] set_robust_list(0x555556d0c660, 24) = 0 [pid 7447] chdir("./24") = 0 [pid 7447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5070] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7447] setpgid(0, 0) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] newfstatat(AT_FDCWD, "./22/bus", [pid 7447] <... openat resumed>) = 3 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7447] write(3, "1000", 4) = 4 [pid 7447] close(3) = 0 [pid 7447] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7447] memfd_create("syzkaller", 0) = 3 [pid 7447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5070] rmdir("./22/bus") = 0 [pid 5070] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./22/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./22") = 0 [pid 5070] mkdir("./23", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7448 ./strace-static-x86_64: Process 7448 attached [pid 7445] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7448] set_robust_list(0x555556d0c660, 24) = 0 [pid 7448] chdir("./23") = 0 [pid 7448] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7448] setpgid(0, 0) = 0 [pid 7448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7448] write(3, "1000", 4) = 4 [pid 7448] close(3) = 0 [pid 7448] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7448] memfd_create("syzkaller", 0) = 3 [pid 7448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7436] <... write resumed>) = 16777216 [pid 7436] munmap(0x7f716ab16000, 138412032) = 0 [pid 7436] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7436] ioctl(4, LOOP_SET_FD, 3 [pid 7447] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7436] <... ioctl resumed>) = 0 [pid 7436] close(3) = 0 [ 125.835607][ T7436] loop3: detected capacity change from 0 to 32768 [pid 7436] mkdir("./bus", 0777) = 0 [pid 7439] <... write resumed>) = 16777216 [pid 7436] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 125.938467][ T7436] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7436) [pid 7439] munmap(0x7f716ab16000, 138412032 [pid 7448] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7439] <... munmap resumed>) = 0 [pid 7439] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7439] ioctl(4, LOOP_SET_FD, 3 [pid 7443] <... write resumed>) = 16777216 [pid 7439] <... ioctl resumed>) = 0 [pid 7439] close(3) = 0 [pid 7439] mkdir("./bus", 0777) = 0 [pid 7439] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7443] munmap(0x7f716ab16000, 138412032) = 0 [ 126.003764][ T7439] loop0: detected capacity change from 0 to 32768 [ 126.037859][ T7439] BTRFS: device /dev/loop0 using temp-fsid 4191f7ca-7484-486d-9f09-9a31484c2d39 [pid 7443] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7443] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7443] close(3) = 0 [ 126.060612][ T7439] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7439) [ 126.086644][ T7443] loop2: detected capacity change from 0 to 32768 [pid 7443] mkdir("./bus", 0777 [pid 7445] <... write resumed>) = 16777216 [pid 7443] <... mkdir resumed>) = 0 [pid 7445] munmap(0x7f716ab16000, 138412032 [pid 7443] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7436] <... mount resumed>) = 0 [pid 7436] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7436] chdir("./bus") = 0 [pid 7436] ioctl(4, LOOP_CLR_FD) = 0 [pid 7436] close(4) = 0 [pid 7436] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7436] pwrite64(4, "2", 1, 55022) = 1 [pid 7436] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7436] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7436] ftruncate(5, 43006 [pid 7445] <... munmap resumed>) = 0 [pid 7436] <... ftruncate resumed>) = 0 [pid 7436] exit_group(0) = ? [ 126.184669][ T7443] BTRFS: device /dev/loop2 using temp-fsid 6ad76bbc-6c3a-4fa4-b78c-89e7416d696d [pid 7445] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7436] +++ exited with 0 +++ [pid 7445] <... openat resumed>) = 4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7436, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=30 /* 0.30 s */} --- [pid 7445] ioctl(4, LOOP_SET_FD, 3 [pid 5068] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5068] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7445] <... ioctl resumed>) = 0 [pid 7445] close(3) = 0 [pid 7445] mkdir("./bus", 0777) = 0 [ 126.229412][ T7445] loop4: detected capacity change from 0 to 32768 [ 126.241774][ T7443] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7443) [ 126.262296][ T7443] _btrfs_printk: 63 callbacks suppressed [ 126.262307][ T7443] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [pid 7445] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7447] <... write resumed>) = 16777216 [pid 7447] munmap(0x7f716ab16000, 138412032) = 0 [ 126.300892][ T7445] BTRFS: device /dev/loop4 using temp-fsid ab975ca7-a196-4146-a595-24c5a24e3d19 [ 126.319710][ T7443] BTRFS info (device loop2): enabling auto defrag [ 126.332179][ T7443] BTRFS info (device loop2): enabling disk space caching [ 126.339688][ T7443] BTRFS info (device loop2): max_inline at 0 [pid 7447] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7447] ioctl(4, LOOP_SET_FD, 3) = 0 [ 126.345821][ T7443] BTRFS info (device loop2): force clearing of disk cache [ 126.353933][ T7443] BTRFS info (device loop2): turning on sync discard [ 126.358725][ T7447] loop1: detected capacity change from 0 to 32768 [ 126.360865][ T7443] BTRFS info (device loop2): disk space caching is enabled [ 126.369928][ T7445] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7445) [pid 7447] close(3) = 0 [pid 7447] mkdir("./bus", 0777 [pid 5068] <... umount2 resumed>) = 0 [pid 7447] <... mkdir resumed>) = 0 [pid 5068] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7447] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5068] newfstatat(AT_FDCWD, "./22/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 126.402700][ T7445] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 126.426503][ T7445] BTRFS info (device loop4): enabling auto defrag [ 126.436482][ T7445] BTRFS info (device loop4): enabling disk space caching [ 126.446859][ T7445] BTRFS info (device loop4): max_inline at 0 [pid 5068] umount2("./22/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7448] <... write resumed>) = 16777216 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, [pid 7448] munmap(0x7f716ab16000, 138412032 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7448] <... munmap resumed>) = 0 [ 126.455723][ T7447] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7447) [ 126.456270][ T7439] BTRFS info (device loop0): enabling ssd optimizations [ 126.468624][ T7445] BTRFS info (device loop4): force clearing of disk cache [ 126.488815][ T7447] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./22/bus") = 0 [pid 5068] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./22/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./22") = 0 [pid 5068] mkdir("./23", 0777) = 0 [pid 7448] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7448] <... openat resumed>) = 4 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7494 [pid 7448] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 7494 attached [pid 7494] set_robust_list(0x555556d0c660, 24) = 0 [pid 7448] <... ioctl resumed>) = 0 [pid 7494] chdir("./23" [pid 7448] close(3 [pid 7494] <... chdir resumed>) = 0 [pid 7448] <... close resumed>) = 0 [pid 7494] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7448] mkdir("./bus", 0777 [pid 7494] <... prctl resumed>) = 0 [pid 7448] <... mkdir resumed>) = 0 [pid 7494] setpgid(0, 0 [ 126.499702][ T7445] BTRFS info (device loop4): turning on sync discard [ 126.507902][ T7445] BTRFS info (device loop4): disk space caching is enabled [ 126.516454][ T7447] BTRFS info (device loop1): enabling auto defrag [ 126.523900][ T7439] BTRFS info (device loop0): rebuilding free space tree [ 126.528479][ T7448] loop5: detected capacity change from 0 to 32768 [ 126.543057][ T7443] BTRFS info (device loop2): enabling ssd optimizations [pid 7448] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7494] <... setpgid resumed>) = 0 [pid 7494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7494] write(3, "1000", 4) = 4 [pid 7494] close(3) = 0 [pid 7494] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7494] memfd_create("syzkaller", 0) = 3 [pid 7494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 126.559902][ T7448] BTRFS: device /dev/loop5 using temp-fsid 56b18b85-66fc-4c8d-85b9-5f65ebe7eda8 [ 126.569867][ T7447] BTRFS info (device loop1): enabling disk space caching [ 126.578571][ T7443] BTRFS info (device loop2): rebuilding free space tree [ 126.616063][ T7447] BTRFS info (device loop1): max_inline at 0 [ 126.622391][ T7448] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7448) [ 126.622461][ T7439] BTRFS info (device loop0): disabling free space tree [ 126.644403][ T7447] BTRFS info (device loop1): force clearing of disk cache [ 126.654973][ T7447] BTRFS info (device loop1): turning on sync discard [ 126.661972][ T7447] BTRFS info (device loop1): disk space caching is enabled [ 126.669566][ T7439] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 126.674882][ T7443] BTRFS info (device loop2): disabling free space tree [ 126.679952][ T7439] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 126.701449][ T7443] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 7439] <... mount resumed>) = 0 [pid 7443] <... mount resumed>) = 0 [pid 7443] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7443] chdir("./bus") = 0 [pid 7439] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7443] ioctl(4, LOOP_CLR_FD) = 0 [pid 7443] close(4) = 0 [pid 7443] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7443] pwrite64(4, "2", 1, 55022 [pid 7439] <... openat resumed>) = 3 [pid 7443] <... pwrite64 resumed>) = 1 [ 126.711633][ T7443] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 126.711654][ T7448] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 126.747782][ T7445] BTRFS info (device loop4): enabling ssd optimizations [pid 7443] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7439] chdir("./bus" [pid 7443] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7443] ftruncate(5, 43006 [pid 7439] <... chdir resumed>) = 0 [pid 7439] ioctl(4, LOOP_CLR_FD) = 0 [pid 7443] <... ftruncate resumed>) = 0 [pid 7443] exit_group(0) = ? [pid 7439] close(4) = 0 [pid 7443] +++ exited with 0 +++ [pid 7439] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7443, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=33 /* 0.33 s */} --- [pid 5067] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7439] pwrite64(4, "2", 1, 55022 [ 126.771122][ T7448] BTRFS info (device loop5): enabling auto defrag [ 126.777585][ T7448] BTRFS info (device loop5): enabling disk space caching [ 126.797038][ T7445] BTRFS info (device loop4): rebuilding free space tree [pid 7494] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7439] <... pwrite64 resumed>) = 1 [pid 7439] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7439] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7439] ftruncate(5, 43006) = 0 [pid 7439] exit_group(0) = ? [pid 7439] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7439, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=35 /* 0.35 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 126.880685][ T7448] BTRFS info (device loop5): max_inline at 0 [ 126.886705][ T7448] BTRFS info (device loop5): force clearing of disk cache [ 126.919594][ T7445] BTRFS info (device loop4): disabling free space tree [ 126.920868][ T7448] BTRFS info (device loop5): turning on sync discard [ 126.933791][ T7448] BTRFS info (device loop5): disk space caching is enabled [ 126.942212][ T7445] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 126.952878][ T7447] BTRFS info (device loop1): enabling ssd optimizations [ 126.956014][ T7445] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5065] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7445] <... mount resumed>) = 0 [pid 7445] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7445] chdir("./bus") = 0 [pid 7445] ioctl(4, LOOP_CLR_FD) = 0 [pid 7445] close(4) = 0 [pid 7445] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./23/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7445] pwrite64(4, "2", 1, 55022 [pid 5067] <... openat resumed>) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 127.023146][ T7447] BTRFS info (device loop1): rebuilding free space tree [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./23/bus") = 0 [pid 5067] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./23/binderfs", [pid 7445] <... pwrite64 resumed>) = 1 [pid 7445] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5067] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./23/binderfs" [pid 7445] <... openat resumed>) = 5 [pid 5067] <... unlink resumed>) = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 7445] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5067] rmdir("./23") = 0 [pid 5067] mkdir("./24", 0777 [pid 7445] <... write resumed>) = 65191 [pid 5067] <... mkdir resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7445] ftruncate(5, 43006 [pid 5067] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 7445] <... ftruncate resumed>) = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 7445] exit_group(0 [pid 5067] close(3 [pid 7445] <... exit_group resumed>) = ? [pid 7445] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7445, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=37 /* 0.37 s */} --- [pid 5067] <... close resumed>) = 0 [ 127.117381][ T7447] BTRFS info (device loop1): disabling free space tree [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 7542 attached [pid 5069] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7542] set_robust_list(0x555556d0c660, 24 [pid 5067] <... clone resumed>, child_tidptr=0x555556d0c650) = 7542 [pid 5065] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7542] <... set_robust_list resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(3, "", [pid 7542] chdir("./24" [pid 5065] newfstatat(AT_FDCWD, "./23/bus", [pid 7542] <... chdir resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, [pid 5065] <... openat resumed>) = 4 [pid 7542] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7542] <... prctl resumed>) = 0 [pid 5065] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7542] setpgid(0, 0 [pid 5065] getdents64(4, [pid 7542] <... setpgid resumed>) = 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] getdents64(4, [pid 7542] <... openat resumed>) = 3 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7542] write(3, "1000", 4 [pid 5065] close(4 [pid 7542] <... write resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 7542] close(3 [ 127.164000][ T7447] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 127.186126][ T7448] BTRFS info (device loop5): enabling ssd optimizations [pid 5065] rmdir("./23/bus" [pid 7542] <... close resumed>) = 0 [pid 5065] <... rmdir resumed>) = 0 [pid 5065] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./23/binderfs" [pid 7542] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7542] memfd_create("syzkaller", 0 [pid 5065] <... unlink resumed>) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 7542] <... memfd_create resumed>) = 3 [pid 5065] rmdir("./23") = 0 [pid 5065] mkdir("./24", 0777 [pid 7542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... mkdir resumed>) = 0 [pid 7542] <... mmap resumed>) = 0x7f716ab16000 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7545 attached , child_tidptr=0x555556d0c650) = 7545 [pid 7545] set_robust_list(0x555556d0c660, 24) = 0 [pid 7545] chdir("./24") = 0 [pid 7545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7545] setpgid(0, 0) = 0 [ 127.229761][ T7447] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 127.260783][ T7448] BTRFS info (device loop5): rebuilding free space tree [pid 7545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7545] write(3, "1000", 4) = 4 [pid 7545] close(3) = 0 [pid 7447] <... mount resumed>) = 0 [pid 7545] symlink("/dev/binderfs", "./binderfs" [pid 7447] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7545] <... symlink resumed>) = 0 [pid 7447] chdir("./bus") = 0 [pid 7447] ioctl(4, LOOP_CLR_FD) = 0 [pid 7447] close(4) = 0 [pid 7447] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7545] memfd_create("syzkaller", 0 [pid 7447] <... open resumed>) = 4 [pid 7545] <... memfd_create resumed>) = 3 [pid 7447] pwrite64(4, "2", 1, 55022 [pid 7545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 127.361251][ T7448] BTRFS info (device loop5): disabling free space tree [ 127.368331][ T7448] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 7447] <... pwrite64 resumed>) = 1 [pid 5069] <... umount2 resumed>) = 0 [pid 7447] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5069] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./23/bus", [pid 7494] <... write resumed>) = 16777216 [pid 7447] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7447] ftruncate(5, 43006 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7447] <... ftruncate resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7447] exit_group(0 [pid 5069] <... openat resumed>) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7447] <... exit_group resumed>) = ? [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7447] +++ exited with 0 +++ [pid 5069] close(4 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7447, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [pid 5069] <... close resumed>) = 0 [ 127.460572][ T7448] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 7494] munmap(0x7f716ab16000, 138412032 [pid 5069] rmdir("./23/bus") = 0 [pid 5066] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7494] <... munmap resumed>) = 0 [pid 5069] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] newfstatat(AT_FDCWD, "./23/binderfs", [pid 7494] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5066] <... openat resumed>) = 3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] newfstatat(3, "", [pid 7494] <... openat resumed>) = 4 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7494] ioctl(4, LOOP_SET_FD, 3 [pid 5069] unlink("./23/binderfs" [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... unlink resumed>) = 0 [pid 5069] getdents64(3, [pid 7494] <... ioctl resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./23" [pid 7448] <... mount resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 7448] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7494] close(3 [pid 7448] <... openat resumed>) = 3 [pid 7494] <... close resumed>) = 0 [pid 7494] mkdir("./bus", 0777) = 0 [pid 7448] chdir("./bus") = 0 [pid 7494] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5069] mkdir("./24", 0777 [pid 7448] ioctl(4, LOOP_CLR_FD) = 0 [pid 7448] close(4 [pid 5069] <... mkdir resumed>) = 0 [pid 7448] <... close resumed>) = 0 [ 127.562179][ T7494] loop3: detected capacity change from 0 to 32768 [pid 7448] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 7448] pwrite64(4, "2", 1, 55022) = 1 [pid 7448] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7448] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7448] ftruncate(5, 43006 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 7448] <... ftruncate resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 7448] exit_group(0 [pid 5069] <... close resumed>) = 0 [pid 7448] <... exit_group resumed>) = ? [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7547 attached [pid 7448] +++ exited with 0 +++ [pid 7547] set_robust_list(0x555556d0c660, 24 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7448, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=34 /* 0.34 s */} --- [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 7547 [pid 7547] <... set_robust_list resumed>) = 0 [pid 7547] chdir("./24") = 0 [pid 7547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 127.618316][ T7494] BTRFS: device /dev/loop3 using temp-fsid a2cff779-8173-49d8-9297-a5bdcc7e2098 [pid 7547] setpgid(0, 0) = 0 [pid 7547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7547] write(3, "1000", 4) = 4 [pid 7547] close(3 [pid 5070] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7547] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7547] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5070] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7547] memfd_create("syzkaller", 0 [pid 5070] <... openat resumed>) = 3 [pid 5070] newfstatat(3, "", [pid 7547] <... memfd_create resumed>) = 3 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] getdents64(3, [pid 7547] <... mmap resumed>) = 0x7f716ab16000 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7542] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 127.683101][ T7494] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7494) [ 127.781215][ T7494] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [pid 5070] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7545] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] <... umount2 resumed>) = 0 [pid 5066] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 127.844392][ T7494] BTRFS info (device loop3): enabling auto defrag [ 127.884004][ T7494] BTRFS info (device loop3): enabling disk space caching [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] close(4) = 0 [pid 5066] rmdir("./24/bus") = 0 [pid 5066] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./24/binderfs") = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [pid 5066] rmdir("./24") = 0 [pid 5066] mkdir("./25", 0777) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7549 attached , child_tidptr=0x555556d0c650) = 7549 [pid 7549] set_robust_list(0x555556d0c660, 24) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 7549] chdir("./25") = 0 [pid 5070] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7549] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7549] <... prctl resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./23/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7549] setpgid(0, 0) = 0 [pid 5070] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7549] <... openat resumed>) = 3 [pid 5070] openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 7549] write(3, "1000", 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7549] <... write resumed>) = 4 [pid 7549] close(3 [pid 5070] getdents64(4, [pid 7549] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7549] symlink("/dev/binderfs", "./binderfs" [ 127.945525][ T7494] BTRFS info (device loop3): max_inline at 0 [ 127.982386][ T7494] BTRFS info (device loop3): force clearing of disk cache [pid 5070] getdents64(4, [pid 7549] <... symlink resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7549] memfd_create("syzkaller", 0 [pid 5070] close(4) = 0 [pid 7549] <... memfd_create resumed>) = 3 [pid 5070] rmdir("./23/bus" [pid 7549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5070] <... rmdir resumed>) = 0 [pid 5070] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./23/binderfs", [pid 7547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 128.025909][ T7494] BTRFS info (device loop3): turning on sync discard [ 128.063991][ T7494] BTRFS info (device loop3): disk space caching is enabled [pid 5070] unlink("./23/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./23") = 0 [pid 5070] mkdir("./24", 0777) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7554 attached [pid 7554] set_robust_list(0x555556d0c660, 24 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 7554 [pid 7554] <... set_robust_list resumed>) = 0 [pid 7554] chdir("./24") = 0 [pid 7554] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7554] setpgid(0, 0) = 0 [pid 7549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7554] write(3, "1000", 4) = 4 [pid 7554] close(3) = 0 [pid 7554] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7554] memfd_create("syzkaller", 0) = 3 [pid 7554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 128.356195][ T7494] BTRFS info (device loop3): enabling ssd optimizations [pid 7545] <... write resumed>) = 16777216 [pid 7545] munmap(0x7f716ab16000, 138412032) = 0 [pid 7542] <... write resumed>) = 16777216 [pid 7545] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7542] munmap(0x7f716ab16000, 138412032 [pid 7545] <... openat resumed>) = 4 [pid 7545] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7545] close(3) = 0 [ 128.471681][ T7494] BTRFS info (device loop3): rebuilding free space tree [ 128.511244][ T7545] loop0: detected capacity change from 0 to 32768 [pid 7545] mkdir("./bus", 0777) = 0 [pid 7542] <... munmap resumed>) = 0 [pid 7542] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 7545] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7542] <... openat resumed>) = 4 [ 128.531609][ T7494] BTRFS info (device loop3): disabling free space tree [ 128.538530][ T7494] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 128.556746][ T7545] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7545) [pid 7542] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7542] close(3) = 0 [pid 7542] mkdir("./bus", 0777) = 0 [pid 7542] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [ 128.597099][ T7542] loop2: detected capacity change from 0 to 32768 [ 128.605454][ T7494] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 128.653057][ T7545] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 128.660666][ T7542] BTRFS: device /dev/loop2 using temp-fsid 9845df96-2db8-452f-af7f-300925ed6b82 [ 128.668977][ T7545] BTRFS info (device loop0): enabling auto defrag [ 128.682891][ T7542] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7542) [ 128.687420][ T7545] BTRFS info (device loop0): enabling disk space caching [pid 7554] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7549] <... write resumed>) = 16777216 [pid 7494] <... mount resumed>) = 0 [pid 7494] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7494] chdir("./bus") = 0 [pid 7494] ioctl(4, LOOP_CLR_FD) = 0 [pid 7494] close(4 [pid 7549] munmap(0x7f716ab16000, 138412032 [pid 7494] <... close resumed>) = 0 [ 128.741239][ T7545] BTRFS info (device loop0): max_inline at 0 [ 128.747381][ T7545] BTRFS info (device loop0): force clearing of disk cache [ 128.754270][ T7542] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 128.754796][ T7545] BTRFS info (device loop0): turning on sync discard [ 128.769702][ T7545] BTRFS info (device loop0): disk space caching is enabled [ 128.779179][ T7542] BTRFS info (device loop2): enabling auto defrag [pid 7494] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7549] <... munmap resumed>) = 0 [pid 7547] <... write resumed>) = 16777216 [pid 7494] pwrite64(4, "2", 1, 55022 [pid 7547] munmap(0x7f716ab16000, 138412032 [pid 7549] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7494] <... pwrite64 resumed>) = 1 [pid 7494] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7549] ioctl(4, LOOP_SET_FD, 3 [pid 7494] <... openat resumed>) = 5 [pid 7549] <... ioctl resumed>) = 0 [pid 7549] close(3) = 0 [pid 7549] mkdir("./bus", 0777 [pid 7494] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7549] <... mkdir resumed>) = 0 [pid 7547] <... munmap resumed>) = 0 [pid 7549] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7494] <... write resumed>) = 65191 [pid 7494] ftruncate(5, 43006) = 0 [ 128.785669][ T7542] BTRFS info (device loop2): enabling disk space caching [ 128.801969][ T7542] BTRFS info (device loop2): max_inline at 0 [ 128.807962][ T7542] BTRFS info (device loop2): force clearing of disk cache [ 128.816319][ T7542] BTRFS info (device loop2): turning on sync discard [ 128.823344][ T7542] BTRFS info (device loop2): disk space caching is enabled [ 128.831386][ T7549] loop1: detected capacity change from 0 to 32768 [pid 7494] exit_group(0) = ? [pid 7494] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7494, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=32 /* 0.32 s */} --- [pid 7547] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5068] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7547] <... openat resumed>) = 4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7547] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5068] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 128.857465][ T7549] BTRFS: device /dev/loop1 using temp-fsid 544bda10-53d1-467b-b8c6-991c57f5b898 [ 128.873686][ T7547] loop4: detected capacity change from 0 to 32768 [pid 5068] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7547] close(3) = 0 [pid 7547] mkdir("./bus", 0777) = 0 [ 128.910319][ T7549] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7549) [ 128.949322][ T7549] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 7547] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7554] <... write resumed>) = 16777216 [ 128.950131][ T7547] BTRFS: device /dev/loop4 using temp-fsid 642882fd-3baf-4fed-8cc3-dbfd93939344 [ 128.967469][ T7542] BTRFS info (device loop2): enabling ssd optimizations [ 128.975063][ T7545] BTRFS info (device loop0): enabling ssd optimizations [ 128.982946][ T7542] BTRFS info (device loop2): rebuilding free space tree [ 128.986167][ T7549] BTRFS info (device loop1): enabling auto defrag [pid 7554] munmap(0x7f716ab16000, 138412032) = 0 [pid 7554] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 7554] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 7554] close(3) = 0 [pid 7554] mkdir("./bus", 0777) = 0 [ 129.000468][ T7547] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7547) [ 129.016749][ T7542] BTRFS info (device loop2): disabling free space tree [ 129.016776][ T7545] BTRFS info (device loop0): rebuilding free space tree [ 129.031234][ T7542] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 129.038765][ T7554] loop5: detected capacity change from 0 to 32768 [ 129.053053][ T7549] BTRFS info (device loop1): enabling disk space caching [ 129.059835][ T7542] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 129.062646][ T7547] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 129.081273][ T7554] BTRFS: device /dev/loop5 using temp-fsid 7b3b6237-7d88-4230-ba40-ee1f54aeafbc [ 129.090337][ T7554] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7554) [ 129.103760][ T7549] BTRFS info (device loop1): max_inline at 0 [pid 7554] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 129.107223][ T7547] BTRFS info (device loop4): enabling auto defrag [ 129.114892][ T7549] BTRFS info (device loop1): force clearing of disk cache [ 129.120603][ T7547] BTRFS info (device loop4): enabling disk space caching [ 129.130862][ T7549] BTRFS info (device loop1): turning on sync discard [ 129.132639][ T7545] BTRFS info (device loop0): disabling free space tree [ 129.146344][ T7549] BTRFS info (device loop1): disk space caching is enabled [pid 7542] <... mount resumed>) = 0 [pid 5068] newfstatat(AT_FDCWD, "./23/bus", [pid 7542] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7542] <... openat resumed>) = 3 [pid 5068] umount2("./23/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7542] chdir("./bus" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./23/bus") = 0 [pid 5068] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7542] <... chdir resumed>) = 0 [pid 7542] ioctl(4, LOOP_CLR_FD) = 0 [pid 7542] close(4) = 0 [pid 7542] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 129.149133][ T7545] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 129.163428][ T7554] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 129.174931][ T7554] BTRFS info (device loop5): enabling auto defrag [pid 7542] pwrite64(4, "2", 1, 55022 [pid 7545] <... mount resumed>) = 0 [pid 7545] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7545] chdir("./bus") = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7545] ioctl(4, LOOP_CLR_FD) = 0 [pid 7545] close(4) = 0 [pid 7545] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7545] pwrite64(4, "2", 1, 55022 [pid 5068] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./23/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./23") = 0 [pid 5068] mkdir("./24", 0777 [pid 7542] <... pwrite64 resumed>) = 1 [pid 7542] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5068] <... mkdir resumed>) = 0 [pid 7542] <... openat resumed>) = 5 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 7542] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 7542] <... write resumed>) = 65191 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7615 attached [pid 7615] set_robust_list(0x555556d0c660, 24 [pid 7542] ftruncate(5, 43006 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7615 [pid 7615] <... set_robust_list resumed>) = 0 [pid 7545] <... pwrite64 resumed>) = 1 [pid 7615] chdir("./24" [pid 7545] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7542] <... ftruncate resumed>) = 0 [pid 7615] <... chdir resumed>) = 0 [pid 7545] <... openat resumed>) = 5 [pid 7542] exit_group(0 [pid 7615] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7545] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7542] <... exit_group resumed>) = ? [pid 7545] <... write resumed>) = 65191 [pid 7542] +++ exited with 0 +++ [pid 7545] ftruncate(5, 43006 [pid 7615] <... prctl resumed>) = 0 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7542, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=38 /* 0.38 s */} --- [pid 7615] setpgid(0, 0 [pid 7545] <... ftruncate resumed>) = 0 [pid 7545] exit_group(0) = ? [pid 7615] <... setpgid resumed>) = 0 [pid 7545] +++ exited with 0 +++ [pid 5067] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7545, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=38 /* 0.38 s */} --- [pid 7615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 3 [pid 5065] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] newfstatat(3, "", [pid 5065] <... openat resumed>) = 3 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] newfstatat(3, "", [pid 5067] getdents64(3, [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] getdents64(3, [pid 5067] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7615] <... openat resumed>) = 3 [pid 7615] write(3, "1000", 4) = 4 [pid 7615] close(3) = 0 [pid 7615] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7615] memfd_create("syzkaller", 0) = 3 [pid 7615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7549] <... mount resumed>) = 0 [pid 7549] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7549] chdir("./bus" [pid 7554] <... mount resumed>) = 0 [pid 7549] <... chdir resumed>) = 0 [pid 7554] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7549] ioctl(4, LOOP_CLR_FD) = 0 [pid 7554] <... openat resumed>) = 3 [pid 7549] close(4 [pid 7554] chdir("./bus" [pid 7549] <... close resumed>) = 0 [pid 7554] <... chdir resumed>) = 0 [pid 7549] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7554] ioctl(4, LOOP_CLR_FD [pid 7549] <... open resumed>) = 4 [pid 7554] <... ioctl resumed>) = 0 [pid 7554] close(4) = 0 [pid 7554] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7549] pwrite64(4, "2", 1, 55022 [pid 7554] <... open resumed>) = 4 [pid 5065] <... umount2 resumed>) = 0 [pid 7554] pwrite64(4, "2", 1, 55022 [pid 5065] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7547] <... mount resumed>) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7547] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5065] openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7547] <... openat resumed>) = 3 [pid 7547] chdir("./bus" [pid 5065] <... openat resumed>) = 4 [pid 7547] <... chdir resumed>) = 0 [pid 5065] newfstatat(4, "", [pid 7547] ioctl(4, LOOP_CLR_FD [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7547] <... ioctl resumed>) = 0 [pid 7547] close(4) = 0 [pid 7547] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7549] <... pwrite64 resumed>) = 1 [pid 7549] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7549] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 5065] getdents64(4, [pid 7549] ftruncate(5, 43006 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5065] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7547] pwrite64(4, "2", 1, 55022 [pid 5065] close(4) = 0 [pid 7549] <... ftruncate resumed>) = 0 [pid 5065] rmdir("./24/bus" [pid 7549] exit_group(0) = ? [pid 7549] +++ exited with 0 +++ [pid 5065] <... rmdir resumed>) = 0 [pid 7554] <... pwrite64 resumed>) = 1 [pid 5065] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7554] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./24/binderfs" [pid 7554] <... openat resumed>) = 5 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7549, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=28 /* 0.28 s */} --- [pid 5065] <... unlink resumed>) = 0 [pid 7554] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5066] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] close(3 [pid 7554] <... write resumed>) = 65191 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5065] <... close resumed>) = 0 [pid 7554] ftruncate(5, 43006 [pid 5066] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5065] rmdir("./24" [pid 5066] <... openat resumed>) = 3 [pid 5065] <... rmdir resumed>) = 0 [pid 5066] newfstatat(3, "", [pid 7554] <... ftruncate resumed>) = 0 [pid 7547] <... pwrite64 resumed>) = 1 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] mkdir("./25", 0777 [pid 7547] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7554] exit_group(0) = ? [pid 7547] <... openat resumed>) = 5 [pid 5066] getdents64(3, [pid 5065] <... mkdir resumed>) = 0 [pid 7547] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7547] <... write resumed>) = 65191 [pid 5066] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5065] <... openat resumed>) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 7547] ftruncate(5, 43006 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7554] +++ exited with 0 +++ [pid 7547] <... ftruncate resumed>) = 0 [pid 7547] exit_group(0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7554, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=26 /* 0.26 s */} --- [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 7645 [pid 7547] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 7645 attached [pid 5070] restart_syscall(<... resuming interrupted clone ...> [pid 7645] set_robust_list(0x555556d0c660, 24 [pid 5070] <... restart_syscall resumed>) = 0 [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7645] <... set_robust_list resumed>) = 0 [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7645] chdir("./25" [pid 7615] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5067] newfstatat(AT_FDCWD, "./24/bus", [pid 7645] <... chdir resumed>) = 0 [pid 5070] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7645] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7645] <... prctl resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7645] setpgid(0, 0 [pid 5070] <... openat resumed>) = 3 [pid 5067] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7645] <... setpgid resumed>) = 0 [pid 5070] newfstatat(3, "", [pid 5067] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7547] +++ exited with 0 +++ [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7645] <... openat resumed>) = 3 [pid 5070] getdents64(3, [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7547, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=27 /* 0.27 s */} --- [pid 5067] <... openat resumed>) = 4 [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] newfstatat(4, "", [pid 5070] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7645] write(3, "1000", 4 [pid 5069] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] getdents64(4, [pid 7645] <... write resumed>) = 4 [pid 5069] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7645] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7645] <... close resumed>) = 0 [pid 7645] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7645] memfd_create("syzkaller", 0 [pid 5069] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] getdents64(4, [pid 7645] <... memfd_create resumed>) = 3 [pid 7645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 5067] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./24/bus") = 0 [pid 5067] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./24/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./24") = 0 [pid 5067] mkdir("./25", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7647 ./strace-static-x86_64: Process 7647 attached [pid 7647] set_robust_list(0x555556d0c660, 24) = 0 [pid 7647] chdir("./25") = 0 [pid 7647] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7647] setpgid(0, 0) = 0 [pid 7647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7647] write(3, "1000", 4) = 4 [pid 7647] close(3) = 0 [pid 7647] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7647] memfd_create("syzkaller", 0) = 3 [pid 7647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] <... umount2 resumed>) = 0 [pid 7647] <... mmap resumed>) = 0x7f716ab16000 [pid 5070] newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./25/bus", [pid 5070] openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... openat resumed>) = 4 [pid 5066] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] newfstatat(4, "", [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] getdents64(4, [pid 5066] <... openat resumed>) = 4 [pid 7645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] newfstatat(4, "", [pid 5070] getdents64(4, [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5066] getdents64(4, [pid 5070] close(4 [pid 5066] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] <... close resumed>) = 0 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5070] rmdir("./24/bus") = 0 [pid 5066] close(4 [pid 5070] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./25/bus" [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... rmdir resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] unlink("./24/binderfs" [pid 5069] <... umount2 resumed>) = 0 [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... unlink resumed>) = 0 [pid 5069] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] getdents64(3, [pid 5069] newfstatat(AT_FDCWD, "./24/bus", [pid 5066] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] unlink("./25/binderfs" [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3 [pid 5069] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... unlink resumed>) = 0 [pid 5066] getdents64(3, [pid 5070] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] rmdir("./24" [pid 5069] openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] close(3 [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 5066] rmdir("./25" [pid 5070] mkdir("./25", 0777 [pid 5069] newfstatat(4, "", [pid 5066] <... rmdir resumed>) = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] mkdir("./26", 0777 [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] getdents64(4, [pid 5066] <... mkdir resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5069] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] <... ioctl resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... openat resumed>) = 3 ./strace-static-x86_64: Process 7650 attached [pid 5066] ioctl(3, LOOP_CLR_FD [pid 7650] set_robust_list(0x555556d0c660, 24 [pid 5066] <... ioctl resumed>) = 0 [pid 7650] <... set_robust_list resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556d0c650) = 7650 [pid 5069] getdents64(4, [pid 5066] close(3) = 0 [pid 5069] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7650] chdir("./25" [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./24/bus" [pid 5066] <... clone resumed>, child_tidptr=0x555556d0c650) = 7651 ./strace-static-x86_64: Process 7651 attached [pid 7650] <... chdir resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 7650] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7650] <... prctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7651] set_robust_list(0x555556d0c660, 24 [pid 7650] setpgid(0, 0 [pid 7651] <... set_robust_list resumed>) = 0 [pid 7651] chdir("./26") = 0 [pid 7650] <... setpgid resumed>) = 0 [pid 7651] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7651] setpgid(0, 0 [pid 7650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7651] <... setpgid resumed>) = 0 [pid 7651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7651] write(3, "1000", 4 [pid 5069] newfstatat(AT_FDCWD, "./24/binderfs", [pid 7651] <... write resumed>) = 4 [pid 7651] close(3) = 0 [pid 7651] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7650] <... openat resumed>) = 3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./24/binderfs" [pid 7651] memfd_create("syzkaller", 0 [pid 5069] <... unlink resumed>) = 0 [pid 7650] write(3, "1000", 4 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7650] <... write resumed>) = 4 [pid 5069] close(3 [pid 7651] <... memfd_create resumed>) = 3 [pid 7650] close(3 [pid 7651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7650] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./24" [pid 7650] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7647] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5069] <... rmdir resumed>) = 0 [pid 7650] memfd_create("syzkaller", 0) = 3 [pid 5069] mkdir("./25", 0777 [pid 7650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... mkdir resumed>) = 0 [pid 7650] <... mmap resumed>) = 0x7f716ab16000 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 7615] <... write resumed>) = 16777216 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7652 ./strace-static-x86_64: Process 7652 attached [pid 7652] set_robust_list(0x555556d0c660, 24) = 0 [pid 7615] munmap(0x7f716ab16000, 138412032 [pid 7652] chdir("./25" [pid 7615] <... munmap resumed>) = 0 [pid 7652] <... chdir resumed>) = 0 [pid 7652] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7615] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7615] ioctl(4, LOOP_SET_FD, 3 [pid 7652] setpgid(0, 0) = 0 [pid 7652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 7615] <... ioctl resumed>) = 0 [pid 7615] close(3 [pid 7652] <... openat resumed>) = 3 [ 130.431883][ T7615] loop3: detected capacity change from 0 to 32768 [pid 7615] <... close resumed>) = 0 [pid 7652] write(3, "1000", 4 [pid 7615] mkdir("./bus", 0777 [pid 7652] <... write resumed>) = 4 [pid 7615] <... mkdir resumed>) = 0 [pid 7652] close(3) = 0 [pid 7615] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7652] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7652] memfd_create("syzkaller", 0) = 3 [pid 7652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 130.488347][ T7615] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7615) [pid 7651] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7647] <... write resumed>) = 16777216 [pid 7647] munmap(0x7f716ab16000, 138412032) = 0 [pid 7647] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7647] ioctl(4, LOOP_SET_FD, 3 [pid 7650] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7647] <... ioctl resumed>) = 0 [pid 7645] <... write resumed>) = 16777216 [ 130.718430][ T7647] loop2: detected capacity change from 0 to 32768 [pid 7647] close(3) = 0 [pid 7647] mkdir("./bus", 0777) = 0 [pid 7647] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7652] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7645] munmap(0x7f716ab16000, 138412032) = 0 [ 130.816966][ T7647] BTRFS: device /dev/loop2 using temp-fsid d175c3ec-de9b-4d1d-9ab9-f1ba02fc418e [pid 7645] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 7645] ioctl(4, LOOP_SET_FD, 3 [pid 7615] <... mount resumed>) = 0 [pid 7615] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7615] chdir("./bus") = 0 [pid 7615] ioctl(4, LOOP_CLR_FD) = 0 [pid 7615] close(4) = 0 [pid 7615] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 130.862121][ T7647] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7647) [ 130.882012][ T7645] loop0: detected capacity change from 0 to 32768 [pid 7645] <... ioctl resumed>) = 0 [pid 7645] close(3) = 0 [pid 7645] mkdir("./bus", 0777) = 0 [pid 7645] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7615] pwrite64(4, "2", 1, 55022) = 1 [pid 7615] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7615] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7615] ftruncate(5, 43006) = 0 [pid 7615] exit_group(0) = ? [pid 7615] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7615, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=27 /* 0.27 s */} --- [ 130.960207][ T7645] BTRFS: device /dev/loop0 using temp-fsid ba5c0ddd-377c-461b-b8ca-4191ade200a4 [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5068] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 131.015866][ T7645] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7645) [pid 5068] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7652] <... write resumed>) = 16777216 [pid 7652] munmap(0x7f716ab16000, 138412032) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 7647] <... mount resumed>) = 0 [pid 5068] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./24/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7652] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 7647] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7652] <... openat resumed>) = 4 [pid 7647] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 4 [pid 7647] chdir("./bus" [pid 5068] newfstatat(4, "", [pid 7647] <... chdir resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7652] ioctl(4, LOOP_SET_FD, 3 [pid 7647] ioctl(4, LOOP_CLR_FD [pid 5068] getdents64(4, [pid 7647] <... ioctl resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7647] close(4 [pid 5068] close(4) = 0 [pid 7647] <... close resumed>) = 0 [pid 7647] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5068] rmdir("./24/bus" [pid 7647] <... open resumed>) = 4 [pid 5068] <... rmdir resumed>) = 0 [pid 7647] pwrite64(4, "2", 1, 55022 [pid 5068] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./24/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./24") = 0 [pid 5068] mkdir("./25", 0777) = 0 [ 131.279637][ T7652] loop4: detected capacity change from 0 to 32768 [pid 7647] <... pwrite64 resumed>) = 1 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7652] <... ioctl resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 7652] close(3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 7652] <... close resumed>) = 0 [pid 5068] <... ioctl resumed>) = 0 [pid 7652] mkdir("./bus", 0777 [pid 5068] close(3 [pid 7652] <... mkdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 7652] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 7647] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 7699 attached [pid 7651] <... write resumed>) = 16777216 [pid 7647] <... openat resumed>) = 5 [ 131.321644][ T7645] _btrfs_printk: 56 callbacks suppressed [ 131.321657][ T7645] BTRFS info (device loop0): enabling ssd optimizations [ 131.328949][ T7652] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7652) [pid 7699] set_robust_list(0x555556d0c660, 24 [pid 7651] munmap(0x7f716ab16000, 138412032 [pid 7647] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7699] <... set_robust_list resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556d0c650) = 7699 [pid 7699] chdir("./25") = 0 [pid 7699] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7647] <... write resumed>) = 65191 [pid 7699] <... prctl resumed>) = 0 [pid 7699] setpgid(0, 0) = 0 [pid 7699] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7699] write(3, "1000", 4 [pid 7647] ftruncate(5, 43006 [pid 7699] <... write resumed>) = 4 [pid 7699] close(3) = 0 [pid 7699] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7699] memfd_create("syzkaller", 0 [pid 7651] <... munmap resumed>) = 0 [pid 7647] <... ftruncate resumed>) = 0 [pid 7699] <... memfd_create resumed>) = 3 [pid 7699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7647] exit_group(0 [pid 7651] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 7647] <... exit_group resumed>) = ? [pid 7651] <... openat resumed>) = 4 [pid 7647] +++ exited with 0 +++ [ 131.366192][ T7645] BTRFS info (device loop0): rebuilding free space tree [ 131.388039][ T7645] BTRFS info (device loop0): disabling free space tree [ 131.401653][ T7645] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 131.411607][ T7652] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [pid 7651] ioctl(4, LOOP_SET_FD, 3 [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7647, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=21 /* 0.21 s */} --- [pid 5067] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7651] <... ioctl resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 7651] close(3 [pid 5067] newfstatat(3, "", [pid 7651] <... close resumed>) = 0 [pid 7651] mkdir("./bus", 0777 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7651] <... mkdir resumed>) = 0 [pid 5067] getdents64(3, [pid 7651] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5067] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7650] <... write resumed>) = 16777216 [ 131.420042][ T7652] BTRFS info (device loop4): enabling auto defrag [ 131.427262][ T7651] loop1: detected capacity change from 0 to 32768 [ 131.434827][ T7645] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 131.446294][ T7652] BTRFS info (device loop4): enabling disk space caching [ 131.458831][ T7651] BTRFS: device /dev/loop1 using temp-fsid e56c1188-6c54-4fa8-ae56-81cc6cf389e9 [pid 7650] munmap(0x7f716ab16000, 138412032) = 0 [pid 7650] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 7650] ioctl(4, LOOP_SET_FD, 3 [pid 7645] <... mount resumed>) = 0 [ 131.458920][ T7652] BTRFS info (device loop4): max_inline at 0 [ 131.474796][ T7651] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7651) [ 131.491917][ T7652] BTRFS info (device loop4): force clearing of disk cache [ 131.499162][ T7652] BTRFS info (device loop4): turning on sync discard [ 131.507626][ T7650] loop5: detected capacity change from 0 to 32768 [pid 7645] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7650] <... ioctl resumed>) = 0 [pid 7650] close(3 [pid 7645] chdir("./bus" [pid 7650] <... close resumed>) = 0 [pid 7650] mkdir("./bus", 0777 [pid 7645] <... chdir resumed>) = 0 [pid 7650] <... mkdir resumed>) = 0 [ 131.517197][ T7651] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 131.529120][ T7651] BTRFS info (device loop1): enabling auto defrag [ 131.543284][ T7651] BTRFS info (device loop1): enabling disk space caching [ 131.551355][ T7651] BTRFS info (device loop1): max_inline at 0 [ 131.558286][ T7652] BTRFS info (device loop4): disk space caching is enabled [pid 7650] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7645] ioctl(4, LOOP_CLR_FD) = 0 [pid 7645] close(4) = 0 [pid 7645] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 131.558601][ T7650] BTRFS: device /dev/loop5 using temp-fsid 00f215a5-3408-4bad-b809-d6f0aac47afc [ 131.565618][ T7651] BTRFS info (device loop1): force clearing of disk cache [ 131.586521][ T7651] BTRFS info (device loop1): turning on sync discard [ 131.593772][ T7651] BTRFS info (device loop1): disk space caching is enabled [pid 7645] pwrite64(4, "2", 1, 55022) = 1 [pid 7645] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7645] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7645] ftruncate(5, 43006) = 0 [pid 7645] exit_group(0) = ? [ 131.643770][ T7650] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7650) [pid 7645] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7645, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=34 /* 0.34 s */} --- [pid 5065] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 7699] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5065] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5065] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... umount2 resumed>) = 0 [pid 5067] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 131.749904][ T7650] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 131.789399][ T7650] BTRFS info (device loop5): enabling auto defrag [pid 5067] newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [ 131.811334][ T7650] BTRFS info (device loop5): enabling disk space caching [ 131.818727][ T7650] BTRFS info (device loop5): max_inline at 0 [ 131.824659][ T7652] BTRFS info (device loop4): enabling ssd optimizations [ 131.825458][ T7650] BTRFS info (device loop5): force clearing of disk cache [ 131.840945][ T7650] BTRFS info (device loop5): turning on sync discard [ 131.848830][ T7651] BTRFS info (device loop1): enabling ssd optimizations [pid 5067] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5067] close(4) = 0 [pid 5067] rmdir("./25/bus") = 0 [pid 5067] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5067] unlink("./25/binderfs") = 0 [pid 5067] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5067] rmdir("./25") = 0 [ 131.849055][ T7650] BTRFS info (device loop5): disk space caching is enabled [ 131.861639][ T7652] BTRFS info (device loop4): rebuilding free space tree [pid 5067] mkdir("./26", 0777) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD) = 0 [pid 5067] close(3) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7741 attached , child_tidptr=0x555556d0c650) = 7741 [pid 7741] set_robust_list(0x555556d0c660, 24) = 0 [ 131.904700][ T7651] BTRFS info (device loop1): rebuilding free space tree [ 131.933536][ T7652] BTRFS info (device loop4): disabling free space tree [ 131.940443][ T7652] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 7741] chdir("./26" [pid 5065] <... umount2 resumed>) = 0 [pid 5065] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./25/bus", [pid 7741] <... chdir resumed>) = 0 [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7741] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5065] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7741] setpgid(0, 0) = 0 [pid 5065] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7741] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 7741] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 4 [pid 7741] write(3, "1000", 4) = 4 [pid 5065] newfstatat(4, "", [pid 7741] close(3) = 0 [ 131.987451][ T7651] BTRFS info (device loop1): disabling free space tree [ 132.023165][ T7652] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5065] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7741] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5065] getdents64(4, [pid 7741] memfd_create("syzkaller", 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7741] <... memfd_create resumed>) = 3 [pid 5065] getdents64(4, [pid 7741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... getdents64 resumed>0x555556d15730 /* 0 entries */, 32768) = 0 [pid 7741] <... mmap resumed>) = 0x7f716ab16000 [pid 5065] close(4) = 0 [pid 5065] rmdir("./25/bus") = 0 [pid 5065] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5065] unlink("./25/binderfs") = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5065] close(3) = 0 [pid 5065] rmdir("./25") = 0 [pid 5065] mkdir("./26", 0777) = 0 [pid 7699] <... write resumed>) = 16777216 [pid 5065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5065] ioctl(3, LOOP_CLR_FD) = 0 [pid 5065] close(3) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7748 attached [pid 7699] munmap(0x7f716ab16000, 138412032 [pid 7748] set_robust_list(0x555556d0c660, 24 [pid 5065] <... clone resumed>, child_tidptr=0x555556d0c650) = 7748 [pid 7748] <... set_robust_list resumed>) = 0 [pid 7748] chdir("./26") = 0 [ 132.040928][ T7651] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [pid 7748] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7699] <... munmap resumed>) = 0 [pid 7748] setpgid(0, 0) = 0 [pid 7748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7699] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 7699] ioctl(4, LOOP_SET_FD, 3 [pid 7748] write(3, "1000", 4 [pid 7699] <... ioctl resumed>) = 0 [pid 7748] <... write resumed>) = 4 [pid 7748] close(3) = 0 [pid 7699] close(3) = 0 [pid 7748] symlink("/dev/binderfs", "./binderfs" [pid 7699] mkdir("./bus", 0777 [pid 7748] <... symlink resumed>) = 0 [pid 7748] memfd_create("syzkaller", 0 [pid 7699] <... mkdir resumed>) = 0 [pid 7699] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7748] <... memfd_create resumed>) = 3 [pid 7748] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 132.097384][ T7651] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 132.107660][ T7650] BTRFS info (device loop5): enabling ssd optimizations [ 132.122254][ T7699] loop3: detected capacity change from 0 to 32768 [pid 7652] <... mount resumed>) = 0 [pid 7652] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7652] chdir("./bus") = 0 [pid 7651] <... mount resumed>) = 0 [pid 7652] ioctl(4, LOOP_CLR_FD [pid 7651] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7652] <... ioctl resumed>) = 0 [pid 7651] <... openat resumed>) = 3 [pid 7652] close(4 [pid 7651] chdir("./bus" [pid 7652] <... close resumed>) = 0 [pid 7651] <... chdir resumed>) = 0 [pid 7652] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7651] ioctl(4, LOOP_CLR_FD [pid 7652] <... open resumed>) = 4 [pid 7651] <... ioctl resumed>) = 0 [pid 7652] pwrite64(4, "2", 1, 55022 [pid 7651] close(4) = 0 [ 132.145755][ T7699] BTRFS: device /dev/loop3 using temp-fsid 39837f12-d1ae-4ab2-80ae-e25d6277e78f [ 132.158321][ T7650] BTRFS info (device loop5): rebuilding free space tree [ 132.166502][ T7699] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor383 (7699) [pid 7651] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7651] pwrite64(4, "2", 1, 55022 [pid 7652] <... pwrite64 resumed>) = 1 [pid 7652] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7651] <... pwrite64 resumed>) = 1 [pid 7651] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7652] <... openat resumed>) = 5 [pid 7651] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7651] ftruncate(5, 43006) = 0 [pid 7652] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7651] exit_group(0) = ? [pid 7652] <... write resumed>) = 65191 [pid 7651] +++ exited with 0 +++ [pid 7652] ftruncate(5, 43006 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7651, si_uid=0, si_status=0, si_utime=0, si_stime=42 /* 0.42 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 7652] <... ftruncate resumed>) = 0 [pid 5066] <... restart_syscall resumed>) = 0 [ 132.248581][ T7650] BTRFS info (device loop5): disabling free space tree [ 132.272946][ T7699] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [pid 5066] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5066] umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7652] exit_group(0) = ? [pid 7652] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7652, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=35 /* 0.35 s */} --- [pid 5069] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 132.296939][ T7650] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 132.309547][ T7699] BTRFS info (device loop3): enabling auto defrag [ 132.350635][ T7650] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 132.352242][ T7699] BTRFS info (device loop3): enabling disk space caching [pid 5069] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7741] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7650] <... mount resumed>) = 0 [pid 7650] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7650] chdir("./bus") = 0 [pid 7650] ioctl(4, LOOP_CLR_FD) = 0 [pid 7650] close(4) = 0 [pid 7650] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 132.445174][ T7699] BTRFS info (device loop3): max_inline at 0 [pid 7650] pwrite64(4, "2", 1, 55022) = 1 [pid 7650] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7650] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7650] ftruncate(5, 43006) = 0 [pid 7650] exit_group(0) = ? [pid 7650] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7650, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=40 /* 0.40 s */} --- [pid 5070] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5070] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 132.492115][ T7699] BTRFS info (device loop3): force clearing of disk cache [ 132.499272][ T7699] BTRFS info (device loop3): turning on sync discard [pid 5070] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... umount2 resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5069] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] newfstatat(3, "", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(3, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 5069] openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./25/bus") = 0 [pid 5066] <... umount2 resumed>) = 0 [pid 5070] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./25/binderfs" [pid 5066] newfstatat(AT_FDCWD, "./26/bus", [pid 5069] <... unlink resumed>) = 0 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5066] umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(3, [pid 5066] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./25") = 0 [pid 5066] openat(AT_FDCWD, "./26/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5066] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] mkdir("./26", 0777 [pid 5066] getdents64(4, [pid 5069] <... mkdir resumed>) = 0 [pid 5066] <... getdents64 resumed>0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5066] close(4) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 5066] rmdir("./26/bus" [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... rmdir resumed>) = 0 [ 132.571208][ T7699] BTRFS info (device loop3): disk space caching is enabled [pid 5066] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5069] <... clone resumed>, child_tidptr=0x555556d0c650) = 7755 [pid 5066] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 7755 attached [pid 5066] unlink("./26/binderfs" [pid 7755] set_robust_list(0x555556d0c660, 24) = 0 [pid 7755] chdir("./26" [pid 5066] <... unlink resumed>) = 0 [pid 7755] <... chdir resumed>) = 0 [pid 7755] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7755] setpgid(0, 0) = 0 [pid 7755] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] getdents64(3, [pid 7755] <... openat resumed>) = 3 [pid 5066] <... getdents64 resumed>0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 7755] write(3, "1000", 4 [pid 5066] close(3 [pid 7755] <... write resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 7755] close(3) = 0 [pid 7748] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] rmdir("./26" [pid 7755] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5066] <... rmdir resumed>) = 0 [pid 7755] memfd_create("syzkaller", 0 [pid 5066] mkdir("./27", 0777 [pid 7755] <... memfd_create resumed>) = 3 [pid 5066] <... mkdir resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 7755] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 7755] <... mmap resumed>) = 0x7f716ab16000 [pid 5066] <... ioctl resumed>) = 0 [pid 5066] close(3) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7763 attached , child_tidptr=0x555556d0c650) = 7763 [pid 7763] set_robust_list(0x555556d0c660, 24) = 0 [pid 7763] chdir("./27") = 0 [pid 7763] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7763] setpgid(0, 0) = 0 [pid 7763] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7763] write(3, "1000", 4) = 4 [pid 7763] close(3) = 0 [pid 7763] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7763] memfd_create("syzkaller", 0) = 3 [pid 7763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7755] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [ 132.840778][ T7699] BTRFS info (device loop3): enabling ssd optimizations [ 132.871456][ T7699] BTRFS info (device loop3): rebuilding free space tree [pid 5070] close(4) = 0 [pid 5070] rmdir("./25/bus") = 0 [ 132.915243][ T7699] BTRFS info (device loop3): disabling free space tree [pid 5070] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./25/binderfs") = 0 [pid 5070] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5070] rmdir("./25") = 0 [pid 5070] mkdir("./26", 0777) = 0 [ 132.960619][ T7699] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 132.971474][ T7699] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 5070] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = 0 [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d0c650) = 7769 ./strace-static-x86_64: Process 7769 attached [pid 7699] <... mount resumed>) = 0 [pid 7769] set_robust_list(0x555556d0c660, 24) = 0 [pid 7699] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 7769] chdir("./26" [pid 7699] <... openat resumed>) = 3 [pid 7769] <... chdir resumed>) = 0 [pid 7769] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 7699] chdir("./bus" [pid 7769] <... prctl resumed>) = 0 [pid 7769] setpgid(0, 0 [pid 7699] <... chdir resumed>) = 0 [pid 7769] <... setpgid resumed>) = 0 [pid 7699] ioctl(4, LOOP_CLR_FD) = 0 [pid 7769] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7699] close(4 [pid 7741] <... write resumed>) = 16777216 [pid 7769] write(3, "1000", 4 [pid 7699] <... close resumed>) = 0 [pid 7741] munmap(0x7f716ab16000, 138412032) = 0 [pid 7769] <... write resumed>) = 4 [pid 7699] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 7769] close(3 [pid 7741] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 7741] ioctl(4, LOOP_SET_FD, 3 [pid 7769] <... close resumed>) = 0 [pid 7699] <... open resumed>) = 4 [pid 7769] symlink("/dev/binderfs", "./binderfs" [pid 7699] pwrite64(4, "2", 1, 55022 [pid 7769] <... symlink resumed>) = 0 [pid 7699] <... pwrite64 resumed>) = 1 [pid 7769] memfd_create("syzkaller", 0 [pid 7699] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7741] <... ioctl resumed>) = 0 [pid 7741] close(3) = 0 [pid 7699] <... openat resumed>) = 5 [pid 7741] mkdir("./bus", 0777 [pid 7699] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191 [pid 7741] <... mkdir resumed>) = 0 [ 133.150731][ T7741] loop2: detected capacity change from 0 to 32768 [pid 7769] <... memfd_create resumed>) = 3 [pid 7741] mount("/dev/loop2", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7699] <... write resumed>) = 65191 [pid 7769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [pid 7763] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7699] ftruncate(5, 43006) = 0 [pid 7699] exit_group(0) = ? [ 133.233492][ T7741] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor383 (7741) [pid 7699] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7699, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=26 /* 0.26 s */} --- [pid 5068] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 133.308197][ T7741] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [pid 5068] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7755] <... write resumed>) = 16777216 [ 133.355505][ T7741] BTRFS info (device loop2): enabling auto defrag [ 133.392926][ T7741] BTRFS info (device loop2): enabling disk space caching [pid 7755] munmap(0x7f716ab16000, 138412032) = 0 [pid 7748] <... write resumed>) = 16777216 [pid 7755] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 7748] munmap(0x7f716ab16000, 138412032) = 0 [pid 7755] ioctl(4, LOOP_SET_FD, 3 [pid 7748] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 7755] <... ioctl resumed>) = 0 [pid 7748] <... openat resumed>) = 4 [ 133.416934][ T7741] BTRFS info (device loop2): max_inline at 0 [ 133.423116][ T7741] BTRFS info (device loop2): force clearing of disk cache [ 133.430266][ T7741] BTRFS info (device loop2): turning on sync discard [ 133.437573][ T7741] BTRFS info (device loop2): disk space caching is enabled [ 133.458556][ T7755] loop4: detected capacity change from 0 to 32768 [pid 7755] close(3 [pid 7748] ioctl(4, LOOP_SET_FD, 3 [pid 7755] <... close resumed>) = 0 [pid 7755] mkdir("./bus", 0777 [pid 7748] <... ioctl resumed>) = 0 [pid 7755] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 7755] mount("/dev/loop4", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5068] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 7748] close(3 [ 133.511571][ T7748] loop0: detected capacity change from 0 to 32768 [ 133.535478][ T7755] BTRFS: device /dev/loop4 using temp-fsid 542085f8-e02d-40a3-a3af-dad860451c23 [pid 5068] umount2("./25/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7748] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7748] mkdir("./bus", 0777 [pid 5068] openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7748] <... mkdir resumed>) = 0 [pid 5068] getdents64(4, 0x555556d15730 /* 2 entries */, 32768) = 48 [pid 7748] mount("/dev/loop0", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5068] getdents64(4, 0x555556d15730 /* 0 entries */, 32768) = 0 [ 133.560986][ T7755] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor383 (7755) [ 133.601430][ T7755] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [pid 5068] close(4) = 0 [pid 5068] rmdir("./25/bus") = 0 [pid 5068] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./25/binderfs") = 0 [pid 5068] getdents64(3, 0x555556d0d6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./25") = 0 [pid 5068] mkdir("./26", 0777) = 0 [ 133.612227][ T7748] BTRFS: device /dev/loop0 using temp-fsid 6db1961a-94da-4f4a-b127-2d25d8c7e585 [pid 5068] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = 0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 7785 attached , child_tidptr=0x555556d0c650) = 7785 [pid 7785] set_robust_list(0x555556d0c660, 24) = 0 [pid 7785] chdir("./26") = 0 [pid 7785] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 7785] setpgid(0, 0) = 0 [pid 7785] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 7785] write(3, "1000", 4) = 4 [ 133.673380][ T7755] BTRFS info (device loop4): enabling auto defrag [ 133.674141][ T7748] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor383 (7748) [ 133.685843][ T7755] BTRFS info (device loop4): enabling disk space caching [ 133.706742][ T7755] BTRFS info (device loop4): max_inline at 0 [ 133.713785][ T7755] BTRFS info (device loop4): force clearing of disk cache [pid 7785] close(3) = 0 [pid 7769] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7785] symlink("/dev/binderfs", "./binderfs") = 0 [pid 7785] memfd_create("syzkaller", 0) = 3 [pid 7785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f716ab16000 [ 133.729429][ T7755] BTRFS info (device loop4): turning on sync discard [ 133.755548][ T7755] BTRFS info (device loop4): disk space caching is enabled [ 133.806534][ T7748] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 133.841040][ T7741] BTRFS info (device loop2): enabling ssd optimizations [ 133.850600][ T7748] BTRFS info (device loop0): enabling auto defrag [ 133.857111][ T7748] BTRFS info (device loop0): enabling disk space caching [ 133.864863][ T7748] BTRFS info (device loop0): max_inline at 0 [ 133.871168][ T7748] BTRFS info (device loop0): force clearing of disk cache [ 133.878406][ T7748] BTRFS info (device loop0): turning on sync discard [ 133.896368][ T7741] BTRFS info (device loop2): rebuilding free space tree [pid 7763] <... write resumed>) = 16777216 [pid 7763] munmap(0x7f716ab16000, 138412032) = 0 [pid 7763] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 7763] ioctl(4, LOOP_SET_FD, 3) = 0 [ 133.913498][ T7748] BTRFS info (device loop0): disk space caching is enabled [ 133.933588][ T7741] BTRFS info (device loop2): disabling free space tree [ 133.945738][ T7741] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 133.955751][ T7763] loop1: detected capacity change from 0 to 32768 [pid 7763] close(3) = 0 [pid 7763] mkdir("./bus", 0777) = 0 [ 133.974286][ T7741] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 133.988959][ T7763] BTRFS: device /dev/loop1 using temp-fsid 739fc6cb-efc9-4c4e-9798-c8b72770f8bc [ 134.011327][ T7763] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor383 (7763) [pid 7763] mount("/dev/loop1", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7741] <... mount resumed>) = 0 [pid 7741] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 7741] chdir("./bus") = 0 [pid 7741] ioctl(4, LOOP_CLR_FD) = 0 [ 134.048629][ T7755] BTRFS info (device loop4): enabling ssd optimizations [ 134.063524][ T7755] BTRFS info (device loop4): rebuilding free space tree [ 134.077717][ T7763] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [pid 7741] close(4) = 0 [pid 7741] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7741] pwrite64(4, "2", 1, 55022) = 1 [ 134.101966][ T7755] BTRFS info (device loop4): disabling free space tree [ 134.108884][ T7755] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 134.124957][ T7763] BTRFS info (device loop1): enabling auto defrag [ 134.136561][ T7748] BTRFS info (device loop0): enabling ssd optimizations [pid 7741] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7785] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 7741] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 134.158212][ T7763] BTRFS info (device loop1): enabling disk space caching [ 134.164809][ T7755] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 134.171443][ T7748] BTRFS info (device loop0): rebuilding free space tree [ 134.184111][ T7763] BTRFS info (device loop1): max_inline at 0 [ 134.190141][ T7763] BTRFS info (device loop1): force clearing of disk cache [pid 7741] ftruncate(5, 43006) = 0 [pid 7741] exit_group(0) = ? [pid 7741] +++ exited with 0 +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7741, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=43 /* 0.43 s */} --- [pid 5067] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 134.204979][ T7748] BTRFS info (device loop0): disabling free space tree [ 134.214325][ T7748] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 134.224301][ T7763] BTRFS info (device loop1): turning on sync discard [ 134.242790][ T7748] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [pid 7755] <... mount resumed>) = 0 [pid 5067] getdents64(3, [pid 7755] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5067] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7755] chdir("./bus" [pid 5067] umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7755] <... chdir resumed>) = 0 [pid 7769] <... write resumed>) = 16777216 [pid 7755] ioctl(4, LOOP_CLR_FD) = 0 [pid 7769] munmap(0x7f716ab16000, 138412032 [pid 7755] close(4 [pid 7769] <... munmap resumed>) = 0 [pid 7755] <... close resumed>) = 0 [pid 7755] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [ 134.243340][ T7763] BTRFS info (device loop1): disk space caching is enabled [pid 7755] pwrite64(4, "2", 1, 55022) = 1 [pid 7755] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 7755] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [pid 7769] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 7755] ftruncate(5, 43006 [pid 7769] <... openat resumed>) = 4 [pid 7769] ioctl(4, LOOP_SET_FD, 3 [pid 7748] <... mount resumed>) = 0 [pid 7755] <... ftruncate resumed>) = 0 [pid 7755] exit_group(0) = ? [pid 7755] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7755, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=32 /* 0.32 s */} --- [pid 7748] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5069] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 7748] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 7748] chdir("./bus") = 0 [pid 7748] ioctl(4, LOOP_CLR_FD) = 0 [pid 7748] close(4) = 0 [pid 7748] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4 [pid 7748] pwrite64(4, "2", 1, 55022 [pid 5069] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 134.303726][ T5067] BTRFS info (device loop2): at unmount dio bytes count 45056 [ 134.316584][ T7769] loop5: detected capacity change from 0 to 32768 [ 134.352224][ T5067] ------------[ cut here ]------------ [ 134.357746][ T5067] WARNING: CPU: 0 PID: 5067 at fs/btrfs/block-group.c:159 btrfs_put_block_group+0x2c9/0x330 [ 134.367890][ T5067] Modules linked in: [ 134.371843][ T5067] CPU: 0 PID: 5067 Comm: syz-executor383 Not tainted 6.6.0-syzkaller-15029-gbe3ca57cfb77 #0 [ 134.381943][ T5067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 134.392073][ T5067] RIP: 0010:btrfs_put_block_group+0x2c9/0x330 [ 134.398164][ T5067] Code: 48 8d b8 e0 15 00 00 e8 f5 70 01 00 e9 b8 fe ff ff e8 db ca 43 fe e9 1f fe ff ff e8 d1 ca 43 fe e9 d7 fd ff ff e8 07 da ec fd <0f> 0b e9 61 fe ff ff e8 bb ca 43 fe e9 b5 fe ff ff e8 b1 ca 43 fe [ 134.417858][ T5067] RSP: 0018:ffffc90003a1fb48 EFLAGS: 00010293 [ 134.424029][ T5067] RAX: 0000000000000000 RBX: ffff888026356000 RCX: ffffffff839bc0d8 [ 134.432048][ T5067] RDX: ffff888061868000 RSI: ffffffff839bc279 RDI: 0000000000000007 [ 134.440035][ T5067] RBP: 000000000000b000 R08: 0000000000000007 R09: 0000000000000000 [ 134.448044][ T5067] R10: 000000000000b000 R11: 1ffff11004f89c32 R12: ffff888060c28000 [ 134.456089][ T5067] R13: 0000000000000001 R14: ffff888026356160 R15: ffff888026356000 [ 134.464108][ T5067] FS: 0000555556d0c380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 134.473080][ T5067] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.479672][ T5067] CR2: 00007f7172fd2100 CR3: 000000007ef04000 CR4: 0000000000350ef0 [ 134.488185][ T5067] Call Trace: [ 134.491494][ T5067] [ 134.494425][ T5067] ? show_regs+0x8f/0xa0 [ 134.498671][ T5067] ? __warn+0xe6/0x380 [ 134.502772][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [ 134.508264][ T5067] ? report_bug+0x3bc/0x580 [ 134.512835][ T5067] ? handle_bug+0x3c/0x70 [ 134.517178][ T5067] ? exc_invalid_op+0x17/0x40 [ 134.521932][ T5067] ? asm_exc_invalid_op+0x1a/0x20 [ 134.526989][ T5067] ? btrfs_put_block_group+0x128/0x330 [ 134.532532][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [ 134.538016][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [ 134.543539][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [pid 7769] <... ioctl resumed>) = 0 [pid 5069] newfstatat(3, "", [pid 7769] close(3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 7769] <... close resumed>) = 0 [pid 5069] getdents64(3, [pid 7769] mkdir("./bus", 0777 [pid 5069] <... getdents64 resumed>0x555556d0d6f0 /* 4 entries */, 32768) = 104 [pid 7769] <... mkdir resumed>) = 0 [pid 5069] umount2("./26/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 134.549024][ T5067] btrfs_free_block_groups+0x9f5/0x13d0 [ 134.554621][ T5067] ? free_root_pointers+0x7cd/0xa90 [ 134.559829][ T5067] close_ctree+0x8c4/0xdd0 [ 134.564309][ T5067] ? btrfs_cleanup_transaction.isra.0+0x1200/0x1200 [ 134.570965][ T5067] ? collect_domain_accesses+0x290/0x290 [ 134.576617][ T5067] ? __fsnotify_vfsmount_delete+0x20/0x20 [ 134.582621][ T5067] ? dispose_list+0x1e0/0x1e0 [ 134.588878][ T5067] ? fscrypt_destroy_keyring+0x1e/0x3d0 [ 134.589910][ T7769] BTRFS: device /dev/loop5 using temp-fsid eddf0fb0-2989-4dea-bdce-15f4bc0adaf5 [pid 7769] mount("/dev/loop5", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 7785] <... write resumed>) = 16777216 [pid 7748] <... pwrite64 resumed>) = 1 [pid 7785] munmap(0x7f716ab16000, 138412032 [ 134.594485][ T5067] ? btrfs_set_super+0x70/0x70 [ 134.594532][ T5067] generic_shutdown_super+0x161/0x3c0 [ 134.613720][ T5067] kill_anon_super+0x3a/0x60 [ 134.618327][ T5067] btrfs_kill_super+0x3b/0x50 [ 134.623047][ T5067] deactivate_locked_super+0xbc/0x1a0 [ 134.628462][ T5067] deactivate_super+0xde/0x100 [ 134.628537][ T7769] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz-executor383 (7769) [ 134.633312][ T5067] cleanup_mnt+0x222/0x450 [pid 7748] openat(AT_FDCWD, "memory.swap.current", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 7785] <... munmap resumed>) = 0 [pid 7748] <... openat resumed>) = 5 [pid 7748] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65191) = 65191 [ 134.650587][ T5067] task_work_run+0x14d/0x240 [ 134.656289][ T5067] ? task_work_cancel+0x30/0x30 [ 134.661253][ T5067] ptrace_notify+0x10c/0x130 [ 134.666623][ T5067] syscall_exit_to_user_mode_prepare+0x120/0x220 [ 134.673021][ T5067] syscall_exit_to_user_mode+0xd/0x60 [ 134.678427][ T5067] do_syscall_64+0x4b/0x110 [ 134.682990][ T5067] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 134.688920][ T5067] RIP: 0033:0x7f7172f56677 [ 134.693389][ T5067] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [ 134.713047][ T5067] RSP: 002b:00007ffe85c2eed8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 134.721522][ T5067] RAX: 0000000000000000 RBX: 0000000000020373 RCX: 00007f7172f56677 [ 134.729517][ T5067] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe85c2ef90 [ 134.737544][ T5067] RBP: 00007ffe85c2ef90 R08: 0000000000000000 R09: 0000000000000000 [ 134.745563][ T5067] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffe85c30000 [pid 7785] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 7748] ftruncate(5, 43006 [pid 7785] <... openat resumed>) = 4 [pid 7748] <... ftruncate resumed>) = 0 [pid 7785] ioctl(4, LOOP_SET_FD, 3 [pid 7748] exit_group(0 [pid 7785] <... ioctl resumed>) = 0 [pid 7748] <... exit_group resumed>) = ? [pid 7748] +++ exited with 0 +++ [pid 7785] close(3 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7748, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=39 /* 0.39 s */} --- [pid 7785] <... close resumed>) = 0 [pid 7785] mkdir("./bus", 0777) = 0 [pid 5065] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5065] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 7785] mount("/dev/loop3", "./bus", "btrfs", MS_NOEXEC, "autodefrag,autodefrag,space_cache=v1,max_inline=%,clear_cache,discard,noenospc_debug,barrier,thread_"... [pid 5065] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5065] getdents64(3, 0x555556d0d6f0 /* 4 entries */, 32768) = 104 [ 134.753629][ T5067] R13: 0000555556d0d6c0 R14: 431bde82d7b634db R15: 00007ffe85c30020 [ 134.761648][ T5067] [ 134.764677][ T5067] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 134.769715][ T7785] loop3: detected capacity change from 0 to 32768 [ 134.778346][ T5067] CPU: 0 PID: 5067 Comm: syz-executor383 Not tainted 6.6.0-syzkaller-15029-gbe3ca57cfb77 #0 [ 134.788420][ T5067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 134.798466][ T5067] Call Trace: [ 134.801736][ T5067] [ 134.804656][ T5067] dump_stack_lvl+0xd9/0x1b0 [ 134.809252][ T5067] panic+0x6dc/0x790 [ 134.813142][ T5067] ? panic_smp_self_stop+0xa0/0xa0 [ 134.818255][ T5067] ? show_trace_log_lvl+0x363/0x4f0 [ 134.823454][ T5067] ? check_panic_on_warn+0x1f/0xb0 [ 134.828560][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [ 134.834023][ T5067] check_panic_on_warn+0xab/0xb0 [ 134.839007][ T5067] __warn+0xf2/0x380 [ 134.842898][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [ 134.848355][ T5067] report_bug+0x3bc/0x580 [ 134.852681][ T5067] handle_bug+0x3c/0x70 [ 134.856835][ T5067] exc_invalid_op+0x17/0x40 [ 134.861332][ T5067] asm_exc_invalid_op+0x1a/0x20 [ 134.866182][ T5067] RIP: 0010:btrfs_put_block_group+0x2c9/0x330 [ 134.872252][ T5067] Code: 48 8d b8 e0 15 00 00 e8 f5 70 01 00 e9 b8 fe ff ff e8 db ca 43 fe e9 1f fe ff ff e8 d1 ca 43 fe e9 d7 fd ff ff e8 07 da ec fd <0f> 0b e9 61 fe ff ff e8 bb ca 43 fe e9 b5 fe ff ff e8 b1 ca 43 fe [ 134.891849][ T5067] RSP: 0018:ffffc90003a1fb48 EFLAGS: 00010293 [ 134.897909][ T5067] RAX: 0000000000000000 RBX: ffff888026356000 RCX: ffffffff839bc0d8 [ 134.905869][ T5067] RDX: ffff888061868000 RSI: ffffffff839bc279 RDI: 0000000000000007 [ 134.913827][ T5067] RBP: 000000000000b000 R08: 0000000000000007 R09: 0000000000000000 [ 134.921786][ T5067] R10: 000000000000b000 R11: 1ffff11004f89c32 R12: ffff888060c28000 [ 134.929742][ T5067] R13: 0000000000000001 R14: ffff888026356160 R15: ffff888026356000 [ 134.937707][ T5067] ? btrfs_put_block_group+0x128/0x330 [ 134.943172][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [ 134.948628][ T5067] ? btrfs_put_block_group+0x2c9/0x330 [ 134.954082][ T5067] btrfs_free_block_groups+0x9f5/0x13d0 [ 134.959631][ T5067] ? free_root_pointers+0x7cd/0xa90 [ 134.964844][ T5067] close_ctree+0x8c4/0xdd0 [ 134.969258][ T5067] ? btrfs_cleanup_transaction.isra.0+0x1200/0x1200 [ 134.975840][ T5067] ? collect_domain_accesses+0x290/0x290 [ 134.981464][ T5067] ? __fsnotify_vfsmount_delete+0x20/0x20 [ 134.987174][ T5067] ? dispose_list+0x1e0/0x1e0 [ 134.991841][ T5067] ? fscrypt_destroy_keyring+0x1e/0x3d0 [ 134.997386][ T5067] ? btrfs_set_super+0x70/0x70 [ 135.002140][ T5067] generic_shutdown_super+0x161/0x3c0 [ 135.007504][ T5067] kill_anon_super+0x3a/0x60 [ 135.012084][ T5067] btrfs_kill_super+0x3b/0x50 [ 135.016749][ T5067] deactivate_locked_super+0xbc/0x1a0 [ 135.022113][ T5067] deactivate_super+0xde/0x100 [ 135.026868][ T5067] cleanup_mnt+0x222/0x450 [ 135.031285][ T5067] task_work_run+0x14d/0x240 [ 135.035875][ T5067] ? task_work_cancel+0x30/0x30 [ 135.040731][ T5067] ptrace_notify+0x10c/0x130 [ 135.045315][ T5067] syscall_exit_to_user_mode_prepare+0x120/0x220 [ 135.051635][ T5067] syscall_exit_to_user_mode+0xd/0x60 [ 135.057003][ T5067] do_syscall_64+0x4b/0x110 [ 135.061499][ T5067] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 135.067388][ T5067] RIP: 0033:0x7f7172f56677 [ 135.071791][ T5067] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [ 135.091393][ T5067] RSP: 002b:00007ffe85c2eed8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 135.099794][ T5067] RAX: 0000000000000000 RBX: 0000000000020373 RCX: 00007f7172f56677 [ 135.107752][ T5067] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe85c2ef90 [ 135.115709][ T5067] RBP: 00007ffe85c2ef90 R08: 0000000000000000 R09: 0000000000000000 [ 135.123669][ T5067] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffe85c30000 [ 135.131629][ T5067] R13: 0000555556d0d6c0 R14: 431bde82d7b634db R15: 00007ffe85c30020 [ 135.139595][ T5067] [ 135.142845][ T5067] Kernel Offset: disabled [ 135.147231][ T5067] Rebooting in 86400 seconds..